The American Hospital Association (AHA) has taken legal action against the Department of Health and Human Services (HHS) for its bulletin on the use of online tracking technologies by HIPAA-covered entities, labeling it as both "substantively and procedurally unlawful." The AHA criticizes the HHS's restrictions on healthcare organizations' ability to use third-party web tracking technologies, which could collect visitors' IP addresses, arguing that such limitations could hinder healthcare providers from disseminating important health information. Despite HHS issuing a revised bulletin in response to legal challenges, the AHA contends that the changes are insufficient and maintain the original bulletin's flaws. The organization, alongside others, has sued HHS to prevent the enforcement of what it views as overreaching regulatory measures that could affect how healthcare entities communicate with their communities.

Hospital group calls HHS' web tracking rules unlawful Beckers Hospital Review

The RansomHub extortion gang has started to release what it claims to be corporate and patient data stolen from United Health's subsidiary, Change Healthcare, escalating a complex extortion scheme following a February cyberattack. This attack, linked to the BlackCat/ALPHV ransomware group, disrupted U.S. healthcare billing services severely. Even after the BlackCat group ceased operations amid allegations of an exit scam involving a $22 million ransom from Change Healthcare, the affiliate known as "Notchy" has partnered with RansomHub to demand another ransom. Despite not confirming any ransom payment, Change Healthcare faces a renewed threat as attackers begin leaking sensitive data, including patient information, and threaten to sell it unless their demands are met within five days.

Ransomware gang starts leaking alleged stolen Change Healthcare data BleepingComputer

In a series of LinkedIn posts, Justin Norden, MD, MBA, MPhil, Partner at GSR Ventures and Adjunct Professor at Stanford Medicine, highlights key insights from the Stanford Med216 course on Generative AI and Medicine, emphasizes the transformative potential of AI in healthcare, and calls for a participatory approach to innovation. Dr. John Hennessy's session stressed the rapid pace of AI innovation, which is reshaping the landscape faster than previous technological waves, necessitating swift adaptation in education and regulatory frameworks. The discussion spans the impact of AI on patient care, diagnostic accuracy, and research efficiency, alongside the intellectual curiosity needed to navigate these changes. Norden also shares findings from a digital health VC survey, revealing cautious optimism towards generative AI's influence on investment strategies, with a focus on healthcare data analytics and tech-enabled services. Additionally, insights from healthcare system surveys unveil a critical gap between the perceived potential of generative AI in healthcare and the lack of prepared strategies for its implementation, signaling an urgent need for concise action plans amidst fast-evolving AI capabilities.

Justin Norden, MD, MBA, MPhil on LinkedIn: #genai #lifelonglearning #futureofhealth #ai LinkedIn

John Riggi, the National Advisor for Cybersecurity and Risk at the American Hospital Association (AHA), testified about the cyberattack on Change Healthcare, highlighting its significant impact on the U.S. healthcare system, including disruptions to patient care and financial strains on healthcare providers. Representing AHA’s vast network, Riggi stressed the organization's commitment to cybersecurity and its collaborative efforts with federal agencies to enhance protections against cyber threats. He detailed the extensive consequences of the Change Healthcare attack, including compromised patient care, financial losses for healthcare providers, and the ongoing challenges in restoring operations. Riggi also discussed the AHA’s recommendations for legislative and administrative actions to improve cybersecurity resilience within the healthcare sector and mitigate the impacts of future attacks. His testimony underscored the need for a comprehensive approach to cybersecurity that includes support for affected providers and a strong offensive strategy against cyber adversaries.

AHA Testimony for Energy and Commerce Subcommittee Hearing on Cybersecurity | AHA aha.org