Virtualization Technology News and Information
Industry Experts Share Hot Topics and Trends for HIMSS 2023

HIMSS 2023 

HIMSS (Healthcare Information and Management Systems Society) is one of the largest conferences in the healthcare industry, bringing together industry leaders, experts, and enthusiasts from across the globe. The conference provides a platform for sharing the latest trends, technologies, and best practices in the healthcare IT sector.

The future of Healthcare IT and its impact on the healthcare workforce is going to be a hot topic discussed at HIMSS 2023. The integration of new technologies such as AI, Blockchain, and Telemedicine in healthcare will require a new set of skills and competencies among healthcare workers. HIMSS 2023 will provide a platform for industry leaders and experts to discuss the training and education programs needed to equip the healthcare workforce with the necessary skills to adapt to these changes.

HIMSS 2023 promises to be an exciting event, bringing together healthcare professionals, industry leaders, and enthusiasts to discuss the latest trends and technologies in healthcare IT. The conference will provide a platform for discussing the challenges and opportunities facing the healthcare industry and exploring how new technologies can be leveraged to improve patient outcomes, reduce costs, and enhance the overall quality of care.

Keep reading below as industry experts share their thoughts around the hot topics and trends they expect to hear more about at this year's event.


Brian Knudtson, Director of Product Market Intelligence, 11:11 Systems

"Cybersecurity starts to follow a cloud-like path. Everyone knows that security is critical to the future of all businesses, especially healthcare companies. However, the lack of available experienced personnel in the market and the ever growing demands make cybersecurity specialists hard to find, recruit, and retain. Much like the move to cloud was partially driven by consolidating infrastructure specializations, businesses are starting to turn to managed security service providers to reduce the costs and improve the efficiency of their cybersecurity efforts."


Karen Worstell, Senior Cybersecurity Strategist, VMware

"We can expect cybercrime in the healthcare sector to escalate in two ways: extortion via data exfiltration, and disclosure and destruction of infrastructure. Infrastructure like healthcare is of particular interest to cybercriminals due to the valuable data and information the industry can offer. Since it has become such a high-priority target for attackers, it is essential for providers to make their security highly effective and efficient – there is no room for waste in the budget.

To build these types of programs, organizations should contain a set of controls that work together to achieve outcomes that are relevant and specific to the industry. Endpoint protection is the best strategy against the number one entry point of security breaches - the end user’s device. Providers shouldn’t settle for a product that won’t have the full flexibility and capability they will need as the cybercrime situation continues to escalate."


Will LaSala, Field CTO, OneSpan

"During the pandemic, we know healthcare organizations were forced to quickly digitize, ramping up technological capabilities to meet the needs of patients - namely through virtual appointments and other telehealth offerings. However, in most cases, security was severely neglected - not for convenience, but to continue essential services as the world shut down. In 2023, convenience is now a patient demand, hackers understand how to take advantage of such virtual practices, and the industry has yet to widely implement the security measures needed to combat these growing threats. As a result, we've seen massive increases in data breaches coming from all areas of healthcare on a global scale - most notably, Australia's largest health insurance provider, Medibank, suffered a data breach that compromised almost all of its four million customers. There has also been an increase in phishing, social engineering, and ransomware attacks that we expect will continue into the new year.

Looking ahead, there is a balance that must be struck between patient demands, privacy and lack of human interaction. Security should be considered a must have and should be interwoven into all the choices application providers are making. Data breaches from a variety of application providers mean threat actors can gain access to a wealth of knowledge and valuable personal identifiable information (PPI). Furthermore, threat actors can now see things like patient trends, patterns and the way patients interact in social settings - not just the obvious PII, like names and birthdates - meaning threat actors can now create almost impossible to identify synthetic identities. Without the correct technology to detect these fakes, these synthetic identities will severely disrupt people's lives and the way we do business. The response to all of this is the increased level of security that must be adopted into the fabric of all our transactions and agreements."


Steve Gwizdala, Vice President Healthcare, ForgeRock 

"Healthcare continues to be the industry most impacted by data breaches. In 2021, healthcare-related data breaches made up 24% of overall cybersecurity incidents, the largest across all industries. It should come as no surprise that as healthcare breaches rise, so has the average cost to mitigate them. 

Vigilance and new ways of enhancing cybersecurity measures will be crucial to healthcare organizations and businesses responsible for protecting the personal information of consumers stored online in 2023 and beyond. The traditional password and username approach is no longer enough to properly protect such valuable information. Implementing multi-factor authentication (MFA), passwordless authentication, and zero-trust architecture ensures users experience a high level of security while mitigating risk and reducing opportunities for malicious actors to capture patient medical records. 

The demand for security and flexibility is extremely high within the healthcare industry as members and patients navigate different insurance providers, medical providers and specialists, while also taking a hybrid approach to in-person and virtual medical appointments. As competition in the medical industry continues to increase for attracting patients and members, the medical industry must transition to deliver a more retail-like experience yet without jeopardizing security. Creating an improved patient experience while never losing sight of protection is no longer a nice to have, it is a need to have." 


Chad Peterson, Managing Director, NetSPI

"As ransomware attacks against the healthcare sector rise, it's critical that organizations ensure they are remaining compliant with HIPAA. Last year, the Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) filed 22 HIPAA resolution agreements totaling over $1.12 million in settlement fines. A key issue is that HIPAA provides little guidance around the best practices to achieve compliance - leaving holes in healthcare organization's security strategies. An often overlooked solution to this ongoing issue is penetration testing, which addresses the need to map, understand, and close gaps in an organization's attack surface that could expose electronic protected health information (ePHI). Looking forward, healthcare security and IT teams must take a proactive mindset to HIPAA compliance. Organizations that implement comprehensive pentesting programs into their security programs will achieve better compliance and build resilience in the current threat landscape."


Ryan Farris, VP of Products, Qumulo

"Many healthcare customers have voiced that storage efficiency is a big cause for concern. Without built-in analytics tools, medical centers do not have insight into poor small file efficiency and high operational overhead that may impact a doctor's ability to quickly serve the patient. What they need is a cost effective way to simplify workflows to provide the best possible patient services, while ensuring data safety.

Hospitals have a lot of extra securities around patient data and they need to process data through cloud-based monitoring in a flexible and efficient manner. Qumulo offers a cloud native managed storage solution that elegantly solves for business continuity and disaster recovery use cases, with built-in rich file analytics. When working with data of this volume, medical centers must be able to use the cloud swiftly, without the significant capital expenses of on-premises deployments. Efficiency and integrity is the key to ensuring the best possible patient services."


Adam Rusho, Field CTO at Clumio 

"Cloud solutions such as AWS have enabled healthcare organizations to decrease costs, improve operational and clinical efficiencies, and ultimately enhance overall patient care. Unfortunately, healthcare companies that have migrated to the cloud have found that the same data protection strategies they used for on-premises data don't offer the complete protection needed, or the simplicity desired, especially when it comes to modern services like Amazon S3. Despite needing to comply with standards set by protective laws such as HIPPA and HITECH, critically important data can disappear in an instant due not only to cyberattacks but more mundane threats like accidental deletions or data corruption. However data is affected, operational and informational disruptions are uniquely problematic for healthcare companies because the inability to access health records can put patients at risk. Even when patient records are not directly involved, capacity planning, drug development, and important research can be derailed by data loss.

Applying strict data governance standards that keep data lakes backed up, air-gapped, immutable, and encrypted ensures that healthcare networks can secure private information on the cloud. It is also imperative for the protection and recovery to be radically simple. As the volume of data grows and spreads across multiple cloud services, snapshot-based backups or DIY tooling like versioning can get complex and expensive and are not HIPAA-compliant. By simplifying data protection at scale, companies can define protection and recovery policies for particular data sets, optimizing cloud costs and keeping in compliance." 


Jon Toor, CMO, Cloudian

"With even more amounts of healthcare data created as a result of the pandemic, it's not an easy task for organizations to keep data safe while attacks are increasing. The best line of defense is at the storage layer, where the data is written. Many of our healthcare customers understand that tactics such as an immutable backup copy of data allow backup data copies to be secure for a set period of time, preventing hacker encryption or deletion and ensuring a clean data copy for reliable recovery. We will be talking at HIMSS about ways to keep healthcare data safe, with specific details about the solutions used by our current healthcare users and how Cloudian and its network of partners are helping them today." 


Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business and former Gartner analyst

"The healthcare industry is continuing to make moves to digitally transform as more health services are being performed beyond clinical walls. While digital transformation has great promise, there are new and increasing threats and vulnerabilities that organizations need to be concerned about. Data breaches remain amongst the most frequently reported and can be caused by a variety of factors. DDoS attacks are another major threat to healthcare as they can force an entire organization offline.

Healthcare risks are increasingly clustering around edge and cloud assets. According to the 2022 AT&T Cybersecurity Insight Report, while for most other industries ransomware attacks are the number one concern, healthcare sees two other attack vectors as top-of-mind ahead of ransomware:  the potential for attacks against servers or data at the network edge and attacks against associated cloud workloads. The study found that over 60% of healthcare organizations ranked attacks against servers/data at the network edge as cyber threats of highest concern to them. Likewise, over 60% of healthcare organizations said attacks against associated cloud workloads were some of the riskiest future attacks against them."


Lyle McMillin, Principal Product Manager, Hyland Healthcare

"Data management continues to be a top priority. Based on recent healthcare customer conversations, we are expecting data management to be an important topic. Years of mergers and acquisitions, siloed application purchases and ever-changing data schemas have made it difficult for health systems to put their data to work in order to achieve their strategic objectives. Although this has been a long-standing discussion point at HIMSS, many health systems’ most pressing strategic initiatives are data driven; this includes projects designed to improve patient care through the deployment of advanced AI/ML tools and driving higher levels of patient engagement through digital technologies like patient portals."


Published Monday, April 17, 2023 7:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2023>