Research from the University of Pennsylvania reveals that 96% of surveyed hospitals' websites transmit user data to third parties, including Google, Meta, and various data brokers, without consistently transparent privacy policies. This study highlights the widespread use of tracking technologies across hospital websites, often sharing sensitive visitor information with a vast array of companies. Despite the potential for legal repercussions and privacy concerns, the main driver behind this practice appears to be the ubiquity of tracking in the broader web ecosystem, spurred by a substantial online advertising economy. The researchers suggest that hospitals could leverage their resources, including collaboration with academic departments, to innovate and create a less intrusive web experience. Meanwhile, individuals are encouraged to use browser-based tools like Ghostery and Privacy Badger to protect their data from third-party tracking.

Hospital websites share visitors' data with Google, Meta The Register

A McKinsey report highlights the financial struggles faced by US academic medical centres (AMCs), citing cost inflation and operational complexities as major challenges. Despite substantial growth over the past five years, AMCs experience decreasing operating margins due to rising expenses, workforce shortages, and an increasingly competitive healthcare landscape with more patient care options and alternative care-delivery sites. The report suggests that AMCs need to generate significant additional margins to return to pre-pandemic performance levels and emphasizes the importance of operational efficiency and financial sustainability. It also discusses AMCs' critical roles in clinical innovation, education, and high-quality care. McKinsey's survey of AMC leaders revealed a consensus on the need for more substantial performance improvement initiatives, particularly in clinician change-management, and identified potential areas for operational optimization. The report warns that financial pressures could force cuts in education and research funding, even as some AMCs successfully improve performance through cost-saving measures and efficiency improvements, underscoring the necessity for a holistic and ambitious transformation approach to overcome these challenges.

US Academic Medical Centres 'Struggling' says McKinsey healthcare-digital.com

A LastPass employee recently avoided a scam attempt involving a deepfake audio call impersonating the company's CEO, highlighting the rising threat of deepfake technology in cybersecurity. This incident, shared by LastPass to raise awareness, underscores the increasing use of deepfakes for executive impersonation and fraud campaigns, beyond the sophisticated operations of nation-state actors. The industry is urged to adapt by training staff to recognize and respond to these evolving social engineering attacks, which now extend beyond phishing emails to include voice, SMS, and video. Experts advocate for critical thinking and verification before action, emphasizing employee training as a crucial defense against these sophisticated threats.

LastPass thwarts attempt to deceive employee with deepfake audio SC Magazine

Epic Systems has terminated data access for startup Particle Health, citing misuse of patient data for unauthorized purposes beyond treatment, raising concerns over potential HIPAA violations. As the largest Electronic Health Record (EHR) provider in the U.S., Epic's move impacts Particle's access to a vast network of over 300 million patient records. Particle, accused of sharing sensitive data with third parties not involved in patient care, was disconnected from Epic’s interoperability network, Carequality, which facilitates extensive health document exchanges. Both companies have expressed their positions, with Particle addressing the issue and emphasizing the complexity in defining 'treatment' purposes in today’s evolving healthcare landscape. Epic's decision underlines the critical importance of data privacy and the adherence to stringent purposes outlined in patient data exchange agreements.

Health records giant Epic cracks down on startup for unauthorized sharing of patient data Flipboard