Healthcare organizations are urged to implement a privileged access model to mitigate ransomware threats, a strategy that necessitates collaboration between IT and security teams and organization-wide support. Erik Decker, Chief Information Security Officer at Intermountain Health, underscores the importance of safeguarding systems like Active Directory, which are commonly targeted by attackers seeking to escalate privileges and access sensitive information. By adopting a secure-by-design approach grounded in established security principles, Intermountain Health aims to reduce credential exposure and bolster its cybersecurity defenses against tactics frequently employed by cybercriminals.

Healthcare Organizations Urged to Adopt Privileged Access Model to Combat Ransomware Healthcare IT News

Vermont has enacted a new bill requiring all hospitals to create comprehensive security plans to prevent workplace violence, effective July 1. Signed by Governor Phil Scott, the law mandates hospitals to form development teams that include healthcare workers and law enforcement, ensuring a collaborative approach to security informed by a risk assessment. Additionally, hospitals must appoint a trained employee in trauma-informed care and victim support to facilitate communication with law enforcement in violent incidents, aiming to enhance safety for both staff and patients.

Vermont Enacts New Bill to Boost Healthcare Workplace Safety Becker's Hospital Review

Epic Systems has seen significant growth in the U.S. acute care EHR market, achieving its largest net gain in market share in 2024 despite a slight overall market decline, as indicated in the latest KLAS report. The company secured contracts with ten major health systems, including ChristianaCare and UAB Health, bolstered by a strong reputation for customer partnership. Conversely, Oracle Health, Epic's main competitor, struggled with a net loss of 74 clients despite gaining nine new contracts, as customer loyalty and relationship ratings fell post-Cerner acquisition. However, some customers express cautious optimism about Oracle's new product offerings, including the Clinical AI Agent.

Epic Systems Seizes Market Lead in U.S. EHR Sector Amidst Competition Healthcare IT News

Ascension has disclosed a security incident affecting patient data at multiple care sites across five states, attributed to an inadvertent disclosure to a former business partner due to a vulnerability in third-party software. Identified on December 5, 2024, the breach potentially involved the theft of sensitive patient information, including personal and clinical details. Despite the seriousness of the situation, Ascension confirmed that its own systems and electronic health records were not compromised. The affected states are Alabama, Michigan, Indiana, Tennessee, and Texas, with an investigation concluding on January 21 revealing the specifics of the data exposed.

Ascension Faces Data Breach: Patient Information Compromised Across Five States WWMT