Today's Top 20 Healthcare News Articles
  1. How 10 health system IT execs explain the cyberthreat to their boards

    With hospital data breaches and ransomware attacks happening with alarming regularity, cybersecurity is a big area of concern for health systems. But it's not always the most straightforward topic to understand. Becker's asked health system chief information security officers how they convince their boards and other leaders about the need for cybersecurity funding, even though it is such a complicated — and ever-changing — issue. Here are 10 executives who shared insights. Note: Their responses have been lightly edited for clarity. Amar Yousif. Vice President and CIO of UTHealth Houston: Hospital boards have evolved to include more sophisticated technology expertise in the last decade. Consequently, one should not myopically focus on "simple" but also "relevant" when communicating complex cyber topics. They'll get it. Consider ransomware control, which the cybersecurity industry usually attempts to communicate in military terms: demilitarized zones, disrupting the kill chain, intrusion detection, and weaponized malware. When presenting to a hospital board, I propose shifting from military terminology to a public health framework. Malware spreads and infects user populations in ways similar to how infectious diseases attack communities. Therefore, concepts and terms that describe a community's public health status — such as infection vector management, intervention, risky behavior, incidence, prevalence, etc. — should be used to allow for more relevant mental models to describe the problem and possible solutions. Michael Kearns. CISO and Director of Infrastructure of Nebraska Methodist Health System (Omaha): I try to illustrate how the threat landscape has grown exponentially. More and more of our vendors are getting hacked which in turn puts our protected health information at risk. I like to use the analogy that the hackers are not only banging on the front door to get in but are coming in via the loading dock door. When you go to the grocery store, imagine buying cereal that has roaches in it. The roaches didn't come in via the front door; they came in from something we purchased. Crude, but it gets my point across. Robert Perry. CISO of Carilion Clinic (Roanoke, Va.): I believe CISOs should resist the temptation to use "FUD" — fear, uncertainty and doubt — to scare the board into cybersecurity funding. My approach is to describe the current cyber landscape in layperson's terms and assign risk ratings to key areas — risk in this case being the chance of a cyber incident occurring and the severity of the incident should it happen. I then describe current and proposed projects in terms of reducing those risks. I jokingly say my alternate title could be "chief risk officer." This approach allows the board to see how proposed funding will reduce cyber-risk to the organization. I also find it useful to use a benchmark like a simplified version of the National Institute of Standards and Technology's Cybersecurity Framework to show our progress over the last year and goals for the following year. This way, leadership can see the progress being made in cybersecurity and see how investments are positively impacting our cyber posture. The cybersecurity landscape is constantly changing, but investing in cyber with a guiding principle of risk reduction avoids cybersecurity "whack-a-mole" where money is spent addressing transient threats that make headlines one week but go away a few weeks later. Erik Decker. Assistant Vice President and CISO of Intermountain Healthcare (Salt Lake City):  By keeping patients front of mind, CISOs can reiterate that cyber-safety is patient safety. Healthcare leadership knows that cyberattacks are paramount. CISOs are the experts and have an opportunity to raise this with their board in business terms.  Frequent, regular communication about cybersecurity precautions and potential threats helps CISOs build relationships, trust and understanding of cybersecurity challenges with the board. CISOs can't promise an attack will never be successful, but if they can reference the amount of investment needed to achieve a reasonable level of safety and security, that is the best way to go about having the conversation. Todd Bell. Executive Director of IT Security and CISO of Valleywise Health (Tempe, Ariz.):  At Valleywise Health, we have a good understanding of the current cyber-risk impact for our healthcare operations. Having our CEO, Steve Purves, on the American Hospital Association board provides a front-row seat of how numerous healthcare organizations are being victimized by ransomware events. As CISO for Valleywise Health, I appreciate that our CIO, Kelly Summers, is a strong sponsor to educate and inform our C-suite and our elected board of directors. In my prior job roles, not every CIO was a strong advocate for cybersecurity, but having this partnership with my CIO helps broaden our cybersecurity program to be effective. Being mission-critical to support our valuable patients is our top priority since a ransomware event is a very disruptive event that wreaks havoc for patient care. We do our best to keep our executive leadership informed about cyber events and how our cybersecurity program needs to evolve at the speed of the internet. The threat landscape changes every week, and being the CISO at Valleywise Health is forcing innovation and technology transformation to adapt to new adversary tactics and techniques. Operating a cybersecurity program is exhausting work, as we are always on high alert and are constantly adapting how we must protect the continuity of our hospital operations. Patrick Voon. Executive Director of Information Systems Security and CISO of Loma Linda (Calif.) University Health: Remind them that we manage cyber-risks according to business impact, and we maintain a posture of defensibility when a breach occurs. Threats are real and we are a prime target — describe the current cyberthreat landscape in the healthcare industry by showing (graphically/visually) salient points from trusted independent sources. And show actual threats we see and block every day. How well or poorly are we doing? Risk management: Show the effectiveness of our current capabilities in combating the cyberthreats, or highlight our gaps that require additional investments in cybersecurity capabilities (people, process and technology) to reduce our cyber-risks to an acceptable level based on business impact. Defensibility: Show how we compare with like organizations in terms of our cybersecurity capability maturity, and seek support for improving areas where our maturity levels are behind others. Report on the progress and performance of our cybersecurity investments to show value while effectively mitigating cyber risks. Recommend investment adjustments (increase, decrease or redistribute) to the cybersecurity roadmap. Jeffrey Vinson. Senior Vice President and Chief Cyber Officer of Harris Health System (Bellaire, Texas): You have to speak to the board in terms of how this cybersecurity initiative will help with patient safety and better patient outcomes. Once you do that, the support for cybersecurity funding can go much easier. Jack Kufahl. CISO of Michigan Medicine (Ann Arbor): The language of information security is largely a specialized maze of jargon and idioms, which is a prohibitive barrier to those outside the domain to understand. If you are in the position of conveying a cyber-risk to a board or executive, it is critical to naturalize the language you use into a context they may better understand and provide real-life examples of the situations you are trying to prevent or behaviors you need to reinforce so they have a better context for what may otherwise come across as noise to their ears. Being explicit about what the before-and-after expectations are also help executives so they can understand what dollars or decisions are required to affect that change. Vikrant Arora. Vice President and CISO of Hospital for Special Surgery (New York City): We accomplish this through communication and alignment. We communicate aggregate cyber-risk to all leaders and the board in an easy-to-understand, consistent and periodic manner. Additionally, cyber investments are aligned with all dimensions of digital business enablement including care delivery, operational support and consumer engagement. Anahi Santiago. CISO of ChristianaCare (Newark, Del.): As cybersecurity executives, CISOs are tasked with communicating highly technical and complex concepts in a way that can be understood by the business and clinicians. This same approach is taken with leaders and the board. Ultimately, it comes down to our ability to distill the conversation to organizational risk and effective risk-management practices that are aligned with organizational culture and risk appetite.
  2. OSF HealthCare names interim president to medical center

    Peoria, Ill.-based OSF HealthCare has named Erin Rogers interim president of its Heart of Mary Medical Center in Urbana, Ill., effective Sept. 26. 
  3. The challenges, opportunities Henry Ford Health's CEO is ready to tackle

    When Bob Riney became president and CEO of Detroit-based Henry Ford Health, he brought with him more than four decades of experience at the organization.

Becker's Hospital Review 10th Annual CEO + CFO Roundtable

Whether your expertise lies with strategy, leadership, execution or finance, you'll learn something new at Becker's CEO + CFO Roundtable. Join former NBA player Shaquille "Shaq" O'Neal and former President George W. Bush this November!
  1. Upstate New York hospital group warns of possible service cuts

    Increasing labor costs and decreasing revenue could cause about 50 hospitals in upstate New York to cut services in the coming year, the CEO of a regional hospital association told lohud in a Sept. 26 report. 
  2. Detroit Medical Center taps Lela Hickonbottom as chief nursing officer of rehab institute 

    Detroit Medical Center appointed Lela Hickonbottom, DNP, RN, as chief nursing officer of its Rehabilitation Institute of Michigan, Detroit Business reported Sept. 23. 
  3. Ardent Health plans to relocate headquarters

    Nashville, Tenn.-based Ardent Health has filed a permit to downsize its headquarters in the spring, the Brentwood Home Page reported Sept. 26. 
  4. Cincinnati Children's taps vice president for health equity center

    Robert Kahn, MD, has been promoted to vice president of Cincinnati Children's and will lead its new Michael Fisher Child Health Equity Center. 

How to get the most from patients' insurance coverage

Self-pay accounts are time-consuming and expensive, but they're also on the rise. Watch now and learn how to protect your margins in unpredictable financial times.
  1. Trinity Health hospital president leaves Michigan post for interim role in Georgia

    David Spivey will leave Trinity Health St. Mary Mercy Livonia (Mich). — where he has served as president for 22 years — to serve as interim president of Athens, Ga.-based Trinity Health St. Mary's, effective Oct. 3. 
  2. Man with gun arrested at Colorado children's hospital

    A man possessing a gun was arrested Sept. 24 at Children's Hospital Colorado Anschutz Medical Campus in Aurora, Colo., after he entered the hospital through an employee entrance, police said in a statement shared with Becker's.
  3. Biden-Harris administration release more nursing home ownership data to the public

    For the first time, officials, researchers and the public can see data about who owns Medicare-certified nursing homes across nursing home locations. The U.S. Department of Health and Human Services is making more ownership data publicly available, according to a CMS release, Sept. 26.
  4. 'Serve with integrity:' Dr. Bruce Hall on leading BJC Healthcare

    Bruce Hall, MD, took over as chief medical officer for St. Louis-based BJC Healthcare in November 2021. Since assuming the role, he has led the system through the pandemic with one of his core values: integrity. 

How UCSD Moores Cancer Center Unlocked Capacity by Reducing No-Show Rates by Up To 50%

Traditional approaches to hospital operations can't meet today's capacity management challenges. Here's what UCSD Moores Cancer Center did to cut no-show rates by 50%
  1. 7 health system collaborations with Amazon, Google, Microsoft

    Big Tech companies including Microsoft, Google and Amazon have been making headway in the healthcare industry through partnerships with hospitals and health systems.
  2. Vanderbilt University Hospital selects new vice president, divisional CFO

    Vanderbilt University Medical Center named Chris Wilde as vice president and divisional CFO for Vanderbilt University Hospital and adult ambulatory operations, according to a Sept. 26 news release.
  3. Pfizer executive: Drugmakers should 'rethink' supply chain logistics

    With COVID-19 vaccine-makers pivoting production as the virus mutates, Jim Cafone, Pfizer's senior vice president of global supply chain, said it is time for pharmaceutical companies to redevelop their logistic strategies, The Wall Street Journal reported Sept. 24.
  4. Past omicron infection outperforms 3 vaccine shots in study

    Testing positive for omicron BA.1 plus two to three mRNA vaccines is the strongest protection against omicron BA.2 compared to being vaccinated with no past COVID-19 infections, a study published Sept. 21 in The Lancet Infectious Diseases found. 
  5. Meritus names vice president to lead talent management

    Hagerstown, Md.-based Meritus Health has named Scott Salzetti vice president of team member services. 
  6. Healthcare consolidation hurts cancer patients, advocates tell The Lancet

    Healthcare consolidation can drive up the cost of drugs and treatment for cancer patients, advocates told The Lancet.
  7. 7 hospitals seeking CEOs

    Here are seven hospitals that recently posted job listings seeking CEOs.
  8. 10 hospitals seeking CFOs

    Below are 10 hospitals and health systems that recently posted job listings seeking CFOs.
  9. Medical records' role in discrimination

    Research increasingly suggests physicians can convey bias under "the guise of objective descriptions" found in medical records, Kaiser Health News reported Sept. 26.

Top 40 Articles from the Past 6 Months