Briefs

Coronavirus Disease 2019 (COVID-19) and Mental Health for Children and Adolescents

April 27, 2020

States and localities are taking unprecedented steps to respond to the public health threat posed by the coronavirus disease 2019 (COVID-19) pandemic. Among the measures intended to promote social distancing, many schools have been closed and classes shifted to home-based distance-learning models. The first school closures began in mid-March 2020 and some states have already closed schools for the rest of the academic year. Nearly all of the 55 million students in kindergarten through 12th grade in the US are affected by these closures. School closures substantially disrupt the lives of students and their families and may have consequences for child health. As such, we must consider the potential associations school closures have with children’s wellbeing and what can be done to mitigate them.

Digital Health and the State of Interoperable Electronic Health Records

April 24, 2020

Digital health systems and innovative care delivery within these systems have great potential to improve national health care and positively impact the health outcomes of patients. However, currently, very few countries have systems that can implement digital interventions at scale. This is partly because of the lack of interoperable electronic health records (EHRs). It is difficult to make decisions for an individual or population when the data on that person or population are dispersed over multiple incompatible systems. This viewpoint paper has highlighted some key obstacles of current EHRs and some promising successes, with the goal of promoting EHR evolution and advocating for frameworks that develop digital health systems that serve populations—a critical goal as we move further into this data-rich century with an ever-increasing number of patients who live longer and depend on health care services where resources may already be strained. This paper aimed to analyze the evolution, obstacles, and current landscape of EHRs and identify fundamental areas of hindrance for interoperability. It also aimed to highlight countries where advances have been made and extract best practices from these examples. The obstacles to EHR interoperability are not easily solved, but improving the current situation in countries where a national policy is not in place will require a focused inquiry into solutions from various sources in the public and private sector. Effort must be made on a national scale to seek

Cyber security threats in the microbial genomics era: implications for public health

April 24, 2020

Next generation sequencing (NGS) is becoming the new gold standard in public health microbiology. Like any disruptive technology, its growing popularity inevitably attracts cyber security actors, for whom the health sector is attractive because it combines mission-critical infrastructure and high-value data with cybersecurity vulnerabilities. In this Perspective, we explore cyber security aspects of microbial NGS. We discuss the motivations and objectives for such attacks, their feasibility and implications, and highlight policy considerations aimed at threat mitigation. Particular focus is placed on the attack vectors, where the entire process of NGS, from sample to result, could be vulnerable, and a risk assessment based on probability and impact for representative attack vectors is presented. Cyber attacks on microbial NGS could result in loss of confidentiality (leakage of personal or institutional data), integrity (misdetection of pathogens) and availability (denial of sequencing services). NGS platforms are also at risk of being used as propagation vectors, compromising an entire system or network. Owing to the rapid evolution of microbial NGS and its applications, and in light of the dynamics of the cyber security domain, frequent risk assessments should be carried out in order to identify new threats and underpin constantly updated public health policies.

Cybersecurity: Nurses on the Front Line of Prevention and Education

April 24, 2020

Cybercrime has become an increasing concern for consumers in the United States and internationally. In recent years, cybercrimes in the healthcare industry have drastically increased in type, impact, and frequency. These attacks have negatively impacted patient privacy, the ability of providers to deliver care, and the security of healthcare organizations. Nurses are uniquely positioned to help protect against and report cybercrimes because they are one of the largest employed populations in the healthcare industry and they are on the front line of patient care and healthcare technology use. This article discusses the main concerns of cybersecurity in healthcare, the nurse’s role in preventing and managing cyber security, and recommendations for nurses, educators, and regulators.

Phishing in healthcare organisations: threats, mitigation and approaches

April 24, 2020

Introduction: Healthcare data have significant value as a potential target for hackers. Phishing is a method of exploitation for malicious reasons using targeted communications (email/messaging). This study reports on an internal evaluation targeting hospital staff and summarises peer-reviewed literature regarding phishing and healthcare.

Methods: An assessment was performed as part of cybersecurity activity during a designated test period using multiple credential harvesting approaches through staff email. We also searched the medical-related literature to identify relevant phishing-related publications.

Results: During the 1-month testing period, the organization received 858 200 emails: 139 400 (16%) marketing, 18 871 (2%) identified as potential threats. Of 143 million internet transactions, around 5 million (3%) were suspected threats. 468 employee email addresses were identified from public data and targeted through phishing using a range of payloads including attachments and malicious links; however, no credentials were recovered or malicious files downloaded. Several hospital employees were, however, identified on social media profiles, including some tricked into accepting false friend requests.

Discussion: Healthcare organizations are increasingly moving to digital systems, but healthcare professionals have limited awareness of threats. Increasing emphasis on ‘cyberhygiene’ and information governance through mandatory training increases understanding of these risks. While no credentials were harvested in this study, since up to 5% of emails/internet traffic are suspicious, the need for robust firewalls, cybersecurity infrastructure, IT policies and, most importantly of all, staff training, is emphasized.

Conclusion: Hospitals receive a significant volume of potentially malicious emails. While many staff appear to be aware of phishing and respond appropriately, ongoing education is required across the spectrum of cybersecurity, with specific emphasis around ‘leakage’ of information on social media.

Transforming Healthcare Cybersecurity from Reactive to Proactive: Current Status and Future Recommendations

April 24, 2020

The recent rise in cybersecurity breaches in healthcare organizations has put patients’ privacy at a higher risk of being exposed. Despite this threat and the additional danger posed by such incidents to patients’ safety, as well as operational and financial threats to healthcare organizations, very few studies have systematically examined the cybersecurity threats in healthcare. To lay a firm foundation for healthcare organizations and policymakers in better understanding the complexity of the issue of cybersecurity, this study explores the major types of cybersecurity threats for healthcare organizations and explains the roles of the four major players (cyber attackers, cyber defenders, developers, and end-users) in cybersecurity. Finally, the paper discusses a set of recommendations for the policymakers and healthcare organizations to strengthen cybersecurity in their organization.

Why Employees (Still) Click on Phishing Links: Investigation in Hospitals

April 24, 2020

Background: Hospitals have been one of the major targets for phishing attacks. Despite efforts to improve information security compliance, hospitals still significantly suffer from such attacks, impacting the quality of care and the safety of patients.

Objective: This study aimed to investigate why hospital employees decide to click on phishing emails by analyzing actual clicking data.

Methods: We first gauged the factors that influence clicking behavior using the theory of planned behavior (TPB) and integrating trust theories. We then conducted a survey in hospitals and used structural equation modeling to investigate the components of compliance intention. We matched employees’ survey results with their actual clicking data from phishing campaigns.

Results: Our analysis (N=397) reveals that TPB factors (attitude, subjective norms, and perceived behavioral control), as well as collective felt trust and trust in information security technology, are positively related to compliance intention. However, compliance intention is not significantly related to compliance behavior. Only the level of employees’ workload is positively associated with the likelihood of employees clicking on a phishing link.

Conclusions: This is one of the few studies in information security and decision making that observed compliance behavior by analyzing clicking data rather than using self-reported data. We show that, in the context of phishing emails, intention and compliance might not be as strongly linked as previously assumed; hence, hospitals must remain vigilant with vulnerabilities that cannot be easily managed. Importantly, given the significant association between workload and noncompliance behavior (ie, clicking on phishing links), hospitals should better manage employees’ workload to increase information security. Our findings can help health care organizations augment employees’ compliance with their cybersecurity policies and reduce the likelihood of clicking on phishing links.

eHealth Cloud Security Challenges

April 24, 2020

Cloud computing is a promising technology that is expected to transform the healthcare industry. Cloud computing has many benefits like flexibility, cost and energy savings, resource sharing, and fast deployment. In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. The centralization of data on the cloud raises many security and privacy concerns for individuals and healthcare providers. This centralization of data (1) provides attackers with a one-stop honey-pot to steal data and intercept data in-motion and (2) moves data ownership to the cloud service providers; therefore, the individuals and healthcare providers lose control over sensitive data. As a result, security, privacy, efficiency, and scalability concerns are hindering the wide adoption of the cloud technology. In this work, we found that the state-of-the-art solutions address only a subset of those concerns. Thus, there is an immediate need for a holistic solution that balances all the contradicting requirements.

Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions

April 24, 2020

The security of health care data and systems is rapidly emerging as a critical component of hospital infrastructure, and attacks on hospital information systems have had substantial consequences, with closed practices, canceled surgical procedures, diverted ambulances, disrupted operations, and damaged reputations. Attacks against hospitals have been increasing, with substantial financial cost as well. In a recent well-publicized example, a large hospital network was taken offline by a virus for almost 2 weeks, resulting in service disruption, patient confusion, and delays in radiation therapy, among other repercussions. Health care delivery has become increasingly dependent on integrated, complex information systems that are susceptible to disruption. Securing our health information systems is critical to safe and effective care delivery and is now of public health concern.7

Phishing is the practice of deceiving individuals into disclosing sensitive personal information or clicking on links that introduce malicious software through deceptive electronic communication.8 Usually done via email, phishing is a common attack strategy against health care system employees and can be a remarkably accessible, low-cost, and effective way of obtaining real credentials to health care information systems or inducing employees to click on malicious software.9 Phishing emails can be realistic, and the sender’s identity is frequently spoofed, or deliberately faked, so as to appear to be sent by a trusted individual or organization. Once an attacker has access to a system, they can steal personally identifiable information and sell it for profit, disrupt system availability, encrypt a database and demand a ransom payment to unlock it (“ransomware”), manipulate and falsify clinical data, or perform other malicious activities. A recent report indicated that 55% of physicians have experienced a phishing attack.

Employee awareness and training represent an important component of protection against phishing attacks. One method of generating awareness and providing training is to send simulated phishing emails to a group of employees and subsequently target educational material to those who inappropriately click or enter their credentials. For reference, 2 examples of phishing emails are listed in eTable 1 in the Supplement. The first email is a phishing simulation, and the second is an actual phishing email received at 1 of the participating institutions. As shown, the emails can be realistic and often appear to be sent by a trusted individual or member of the employee’s organization. Phishing simulation is common in many industries and is also being used in health care, typically as a training and improvement initiative. The simulated emails are designed to be as close as possible to real phishing emails; if the simulated email is clicked, it is used as a real-time opportunity to provide short phishing education to the employee. Several vendors exist that offer phishing simulation as a service (eg, composing and sending the simulation emails, collecting employee responses, providing phishing training, and reporting on click rates to hospital leadership). In this context, we examined the practice of phishing simulation and the extent to which health care employees are vulnerable to phishing simulations and identified potential determinants of vulnerability to email phishing simulation.

Are innovation and new technologies in precision medicine paving a new era in patients centric care?

April 23, 2020

Healthcare is undergoing a transformation, and it is imperative to leverage new technologies to generate new data and support the advent of precision medicine (PM). Recent scientific breakthroughs and technological advancements have improved our understanding of disease pathogenesis and changed the way we diagnose and treat disease leading to more precise, predictable and powerful health care that is customized for the individual patient. Genetic, genomics, and epigenetic alterations appear to be contributing to different diseases. Deep clinical phenotyping, combined with advanced molecular phenotypic profiling, enables the construction of causal network models in which a genomic region is proposed to influence the levels of transcripts, proteins, and metabolites. Phenotypic analysis bears great importance to elucidate the pathophysiology of networks at the molecular and cellular level. Digital biomarkers (BMs) can have several applications beyond clinical trials in diagnostics—to identify patients affected by a disease or to guide treatment. Digital BMs present a big opportunity to measure clinical endpoints in a remote, objective and unbiased manner. However, the use of “omics” technologies and large sample sizes have generated massive amounts of data sets, and their analyses have become a major bottleneck requiring sophisticated computational and statistical methods. With the wealth of information for different diseases and its link to intrinsic biology, the challenge is now to turn the multi-parametric taxonomic classification of disease into better clinical decision-making by more precisely defining a disease. As a result, the big data revolution has provided an opportunity to apply artificial intelligence (AI) and machine learning algorithms to this vast data set.
The advancements in digital health opportunities have also raised numerous questions and concerns on the future of healthcare practices, in particular with regard to the reliability of AI diagnostic tools, the impact on clinical practice and vulnerability of algorithms. AI, machine learning algorithms, computational biology, and digital BMs will offer an opportunity to translate new data into actionable information, thus allowing earlier diagnosis and precise treatment options. A better understanding and cohesiveness of the different components of the knowledge network is a must to fully exploit the potential of it.