A McKinsey report highlights the financial struggles faced by US academic medical centres (AMCs), citing cost inflation and operational complexities as major challenges. Despite substantial growth over the past five years, AMCs experience decreasing operating margins due to rising expenses, workforce shortages, and an increasingly competitive healthcare landscape with more patient care options and alternative care-delivery sites. The report suggests that AMCs need to generate significant additional margins to return to pre-pandemic performance levels and emphasizes the importance of operational efficiency and financial sustainability. It also discusses AMCs' critical roles in clinical innovation, education, and high-quality care. McKinsey's survey of AMC leaders revealed a consensus on the need for more substantial performance improvement initiatives, particularly in clinician change-management, and identified potential areas for operational optimization. The report warns that financial pressures could force cuts in education and research funding, even as some AMCs successfully improve performance through cost-saving measures and efficiency improvements, underscoring the necessity for a holistic and ambitious transformation approach to overcome these challenges.

US Academic Medical Centres 'Struggling' says McKinsey healthcare-digital.com

A LastPass employee recently avoided a scam attempt involving a deepfake audio call impersonating the company's CEO, highlighting the rising threat of deepfake technology in cybersecurity. This incident, shared by LastPass to raise awareness, underscores the increasing use of deepfakes for executive impersonation and fraud campaigns, beyond the sophisticated operations of nation-state actors. The industry is urged to adapt by training staff to recognize and respond to these evolving social engineering attacks, which now extend beyond phishing emails to include voice, SMS, and video. Experts advocate for critical thinking and verification before action, emphasizing employee training as a crucial defense against these sophisticated threats.

LastPass thwarts attempt to deceive employee with deepfake audio SC Magazine

Epic Systems has terminated data access for startup Particle Health, citing misuse of patient data for unauthorized purposes beyond treatment, raising concerns over potential HIPAA violations. As the largest Electronic Health Record (EHR) provider in the U.S., Epic's move impacts Particle's access to a vast network of over 300 million patient records. Particle, accused of sharing sensitive data with third parties not involved in patient care, was disconnected from Epic’s interoperability network, Carequality, which facilitates extensive health document exchanges. Both companies have expressed their positions, with Particle addressing the issue and emphasizing the complexity in defining 'treatment' purposes in today’s evolving healthcare landscape. Epic's decision underlines the critical importance of data privacy and the adherence to stringent purposes outlined in patient data exchange agreements.

Health records giant Epic cracks down on startup for unauthorized sharing of patient data Flipboard

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is currently investigating a security breach at Sisense, a business intelligence firm known for its dashboard product that consolidates data from various online services. In response to the breach, both CISA and Sisense have advised customers to reset all shared credentials and secrets as a precautionary measure. The breach, which was disclosed by Sisense CISO Sangram Dash, reportedly began with unauthorized access to the company's Gitlab code repository, leading to the exfiltration of several terabytes of sensitive customer data, including access tokens, email passwords, and SSL certificates, from Sisense's Amazon S3 cloud storage. The incident has highlighted the need for rigorous data protection measures, especially when handling customer information. Sisense is coordinating with its customers on mitigation steps, which include a comprehensive reset of potentially compromised digital keys and tokens across various technologies.

Why CISA is Warning CISOs About a Breach at Sisense Krebs on Security

A McKinsey report highlights the financial struggles faced by US academic medical centres (AMCs), citing cost inflation and operational complexities as major challenges. Despite substantial growth over the past five years, AMCs experience decreasing operating margins due to rising expenses, workforce shortages, and an increasingly competitive healthcare landscape with more patient care options and alternative care-delivery sites. The report suggests that AMCs need to generate significant additional margins to return to pre-pandemic performance levels and emphasizes the importance of operational efficiency and financial sustainability. It also discusses AMCs' critical roles in clinical innovation, education, and high-quality care. McKinsey's survey of AMC leaders revealed a consensus on the need for more substantial performance improvement initiatives, particularly in clinician change-management, and identified potential areas for operational optimization. The report warns that financial pressures could force cuts in education and research funding, even as some AMCs successfully improve performance through cost-saving measures and efficiency improvements, underscoring the necessity for a holistic and ambitious transformation approach to overcome these challenges.

US Academic Medical Centres 'Struggling' says McKinsey healthcare-digital.com

A LastPass employee recently avoided a scam attempt involving a deepfake audio call impersonating the company's CEO, highlighting the rising threat of deepfake technology in cybersecurity. This incident, shared by LastPass to raise awareness, underscores the increasing use of deepfakes for executive impersonation and fraud campaigns, beyond the sophisticated operations of nation-state actors. The industry is urged to adapt by training staff to recognize and respond to these evolving social engineering attacks, which now extend beyond phishing emails to include voice, SMS, and video. Experts advocate for critical thinking and verification before action, emphasizing employee training as a crucial defense against these sophisticated threats.

LastPass thwarts attempt to deceive employee with deepfake audio SC Magazine

Epic Systems has terminated data access for startup Particle Health, citing misuse of patient data for unauthorized purposes beyond treatment, raising concerns over potential HIPAA violations. As the largest Electronic Health Record (EHR) provider in the U.S., Epic's move impacts Particle's access to a vast network of over 300 million patient records. Particle, accused of sharing sensitive data with third parties not involved in patient care, was disconnected from Epic’s interoperability network, Carequality, which facilitates extensive health document exchanges. Both companies have expressed their positions, with Particle addressing the issue and emphasizing the complexity in defining 'treatment' purposes in today’s evolving healthcare landscape. Epic's decision underlines the critical importance of data privacy and the adherence to stringent purposes outlined in patient data exchange agreements.

Health records giant Epic cracks down on startup for unauthorized sharing of patient data Flipboard

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is currently investigating a security breach at Sisense, a business intelligence firm known for its dashboard product that consolidates data from various online services. In response to the breach, both CISA and Sisense have advised customers to reset all shared credentials and secrets as a precautionary measure. The breach, which was disclosed by Sisense CISO Sangram Dash, reportedly began with unauthorized access to the company's Gitlab code repository, leading to the exfiltration of several terabytes of sensitive customer data, including access tokens, email passwords, and SSL certificates, from Sisense's Amazon S3 cloud storage. The incident has highlighted the need for rigorous data protection measures, especially when handling customer information. Sisense is coordinating with its customers on mitigation steps, which include a comprehensive reset of potentially compromised digital keys and tokens across various technologies.

Why CISA is Warning CISOs About a Breach at Sisense Krebs on Security