Cyberattacks and ransomware have been an ongoing story throughout the entire year, with hospitals and healthcare systems being one of the most popular targets for hackers attempting to shut down services and access personal information in hopes of a payout.
Take, for example, an attack on patient records that happened just last week at Ardent Health Services hospitals in New Jersey, Texas, Oklahoma, and New Mexico: one of, if not the largest operator to be hit so far. The attack shut down a significant number of the health system’s computerized services, causing a temporary shutdown of affected hospitals’ emergency rooms and rescheduling of surgeries, all while nurses rushed to print out paper patient records.
While the first time health systems and hospitals were specifically targeted on record in this fashion was in 2016, the U.S. Department of Health and Human Services (HHS) estimated recently that more than 61 million people’s medical data has been exposed just since January – and the Biden Administration has been very keen to address this.
Back in March, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched a program to warn American companies that their systems are vulnerable to ransomware attacks in the brief but vital time period between a hacker gaining access to a network and when they lock up the network and demand payment. Indeed, in the Ardent Health incident, CISA officials reached out to the company to alert them about suspicious activity in their system.
Now CISA has released a new mitigation guide for healthcare and public health organizations that identifies common vulnerabilities and how the sector can shore up their systems to prevent these attacks in the first place. The agency previously released a Cyber Risk Summary document back in July, and this new release is being called a “supplemental companion” to that.
The guidelines are, of course, optional, but are intended to help health system IT teams and others in the industry looking for best practices and recommendations.
The new guide looks at three main areas where healthcare is vulnerable: asset management and security, identity management and device security, and vulnerability and configuration management. Now, I won’t go into explicit detail about each of these – I’ll leave you something to look forward to reading – but some highlighted recommendations include having employees use phishing-resistant multifactor authentication, allowing encrypted connections and watermarked emails, and restricting access to sensitive data to only those who need it.
CISA also goes on to note that they’ve additionally published guidelines for software design that direct technology manufacturers to develop programs with cybersecurity in mind. The agency makes clear that this is not solely the responsibility of healthcare and public health organizations; it is a joint effort.
This effort is vitally important; a CISA study found that cyberattacks in hospitals resulted in reduced capacity and worsened health outcomes, both immediately and long after the attack. Aside from the rescheduled surgeries and necessity for paper records, the study found downstream effects of delayed cancer treatments, loss of communication between hospitals in the network, inability to submit radiology imaging, and delayed communication of test results.
As we close out 2023, cyberattacks unfortunately add another layer to the healthcare industry’s struggles. Amid staffing and budget concerns, organizations are going to need to consider CISA’s and other recommendations to ensure their networks’ safety. But as studies show, it’s worth it. And like FBI Director Christopher Wray stated when discussing the issue: “The best time to patch the roof is before there’s a leak.”
Leukemia, lymphoma, and multiple myeloma are all types of blood cancers, but they affect different types of blood cells and have unique characteristics. Leukemia involves
In the Inpatient Prospective Payment System (IPPS) Proposed Rule for the 2026 fiscal year (FY), the Centers for Medicare & Medicaid Services (CMS) announced updates
Please log in to your account to comment on this article.
Stop revenue leakage and boost hospital performance by mastering risk adjustment and HCCs. This essential webcast with expert Cheryl Ericson, RN, MS, CCDS, CDIP, will reveal how inaccurate patient acuity documentation leads to lost reimbursements through penalties from poor quality scores. Learn the critical differences between HCCs and traditional CCs/MCCs, adapt your CDI workflows, and ensure accurate payments in Medicare Advantage and value-based care models. Perfect for HIM leaders, coders, and CDI professionals. Don’t miss this chance to protect your hospital’s revenue and reputation!
Struggling with ICD-10-CM coding for diabetes and complications? This expert-led webcast clarifies complex combination codes, documentation gaps, and sequencing rules to reduce denials and ensure compliance. Dr. Angela Comfort will provide actionable strategies to accurately link diabetes to complications, improve provider documentation, and optimize reimbursement—helping coders, CDI specialists, and HIM leaders minimize audit risks and strengthen revenue integrity. Don’t miss this chance to master diabetes coding with real-world case studies, key takeaways, and live Q&A!
Uncover critical guidance. Kay Piper provides an interactive review on coding guidelines and more in the AHA’s fourth quarter 2025 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance. Kay Piper provides an interactive review on coding guidelines and more in the AHA’s third quarter 2025 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Struggling with CMS’s 3-Day Payment Window? Join compliance expert Michael G. Calahan, PA, MBA, CCO, to master billing restrictions for pre-admission and inter-facility services. Learn how to avoid audit risks, optimize revenue cycle workflows, and ensure compliance across departments. Critical for C-suite leaders, providers, coders, revenue cycle teams, and compliance teams—this webcast delivers actionable strategies to protect reimbursements and meet federal regulations.
Providers face increasing Medicare audits when using skin substitute grafts, leaving many unprepared for claim denials and financial liabilities. Join veteran healthcare attorney Andrew B. Wachler, Esq., in this essential webcast and master the Medicare audit process, learn best practices for compliant billing and documentation, and mitigate fraud and abuse risks. With actionable insights and a live Q&A session, you’ll gain the tools to defend your practice and ensure compliance in this rapidly evolving landscape.
Dr. Ronald Hirsch dives into the basics of Medicare for clinicians to be successful as utilization review professionals. He’ll break down what Medicare does and doesn’t pay for, what services it provides and how hospitals get paid for providing those services – including both inpatient and outpatient. Learn how claims are prepared and how much patients must pay for their care. By attending our webcast, you will gain a new understanding of these issues and be better equipped to talk to patients, to their medical staff, and to their administrative team.
Hospitals face growing challenges in measuring observation metrics due to inconsistencies in classification, payer policies, and benchmarking practices. Join Tiffany Ferguson, LMSW, CMAC, ACM, and Anuja Mohla, DO, FACP, MBA, ACPA-C, CHCQM-PHYADV as they provide critical insights into refining observation metrics. This webcast will address key issues affecting observation data integrity and offer strategies for improving consistency in reporting. You will learn how to define meaningful metrics, clarify commonly misinterpreted terms, and apply best practices for benchmarking, and gain actionable strategies to enhance observation data reliability, mitigate financial risk, and drive better decision-making.
Copyright © 2025 ICD10monitor. Powered by MedLearn Media.
Celebrate Lab Week with MedLearn! Sign up to win one year of our Laboratory All Access Pass! Click here to learn more →
Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more
Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
