Court documents reveal that federal and state investigations are underway into Prospect Medical Holdings, a 16-hospital system accused of defrauding the government and failing to protect personal information prior to a ransomware attack last year. The investigations, which involve the U.S. Department of Justice, Connecticut Attorney General, and Connecticut Commissioner of Consumer Protection, are part of a larger legal conflict with Yale New Haven Health over a $435 million hospital sale. The DOJ has issued Civil Investigative Demands linked to potential violations of the False Claims Act, while Connecticut officials are focused on cybersecurity lapses and potentially deceptive hospital funding practices. Prospect denies all allegations.

Unsealed court filings offer details of DOJ investigation into Prospect Medical HealthCare Dive

The article highlights the pitfalls of focusing too much on the identities of cybercriminal groups in enterprise security strategies. Experts, including Andy Piazza from Palo Alto Networks Unit 42 and Jen Easterly from the Cybersecurity and Infrastructure Security Agency, argue that mythologizing threat actors can detract from more effective practices like improving detection, response capabilities, and patch management. They suggest that instead of emphasizing the names and narratives of cyberattacks, defenders should concentrate on practical measures to reduce risk. Crowdsourcing efforts from cybersecurity vendors, such as CrowdStrike's symbolic representations of threat groups, aim to elevate cybersecurity discourse but can inadvertently glamorize the adversaries they seek to neutralize.

It’s time to stop thinking of threat groups as supervillains, experts say Cybersecurity Dive

Since 2021, the Assistant Secretary for Technology Policy and Office of the National Coordinator for Health IT (ASTP) and the American Board of Family Medicine (ABFM) have collaborated to develop survey questions to understand family physicians' experiences with health IT in primary care. Through a cooperative agreement involving UCSF, these surveys informed policy decisions and research. In 2022 and 2023, ABFM included these questions in their Continuous Certification Questionnaire, achieving a high response rate by embedding them in the recertification process. Despite differing respondent demographics between various surveys, trends in health IT usage and challenges were notably consistent. A key difference was the higher documentation burden reported by ABFM respondents. The survey questions were refined over the cooperative agreement's third year, with new data currently under analysis and available for request from ABFM.

New Data Available on How Physicians Experience Interoperability HealthIT.gov

Hospitals are increasingly reliant on internet-connected devices for patient care, but this dependency makes them targets for cyberattacks. Cybersecurity expert Beau Woods stresses the necessity of cybersecurity funding, as attacks can impede treatment and force patient transfers. Such incidents have surged, with attacks on organizations like Change Healthcare and Ascension causing significant disruptions. To combat this, the Biden administration has announced tech companies will provide free or discounted cybersecurity services to underfunded hospitals. However, experts worry that these temporary measures may not offer a long-term solution, highlighting the ongoing vulnerability of smaller hospitals. Cyberattack simulations underscore the importance of preparedness in ensuring patient safety.

After health care attacks, tech giants will help small hospitals with cyber defenses NPR