Healthcare Information Security

Cybersecurity News

DirectTrust Voices Concern for Cybersecurity in Healthcare

DirectTrust made recommendations to the new administration, highlighting cybersecurity in healthcare as a key issue.

By Elizabeth Snell

The new administration needs to understand the importance of creating strong cybersecurity measures in healthcare, according to DirectTrust.

Healthcare cybersecurity needs to be top priority for new administration, DirectTrust says

Encryption, authentication, and identity management are all critical requirements to help policy and operational efforts in that area, DirectTrust explained in a list of four recommendations to the President-elect's Transition Team.

"We've made significant progress in the areas of increased electronic health records (EHR) adoption and interoperability during the past four years,” DirectTrust CEO and President David C. Kibbe, MD, MBA said in a statement. “Our hope is that the momentum established to this point will continue under the new administration."

Along with healthcare cybersecurity, DirectTrust said that the President needs to appoint a strong Office of the National Coordinator (ONC) leader. This individuals needs to “speak to technical audiences on the key standards for interoperability, security controls, and content delivery that support value-based payments” and be well-versed in emerging healthcare technologies.

Additionally, EHR adoption and interoperability need to remain a top priority, DirectTrust maintained.

“New policies should build on existing technology for interoperable exchange already integrated into EHRs under the 2014 Certification Program, such as Direct Messaging, eHealthExchange, IHE-XDR and the CCDA, while supporting development of new technologies and evolving content standards, like FHIR,” the letter read.

Finally, regulatory requirements that hold providers accountable for improved outcomes “should be clear, targeted and evidence-based.” This can help reduce healthcare regulatory and documentation burden.

Kibbe added that DirectTrust is looking forward to working with the new administration, along with ONC and CMS to ensure that healthcare interoperability is supported and that data can be securely and easily exchanged.

Healthcare cybersecurity has been a top concern for many industry stakeholders for the better part of 2016. Earlier this week, CHIME discussed the cybersecurity challenge in a letter to CMS, and also how there is a persistent lack of interoperability across the US health system. Both of these areas need to be addressed in the recently passed MACRA final rule.

“The transformation of our healthcare system is predicated on robust data exchange and the ability for clinicians to access data where and when they need it,” CHIME wrote. “Meanwhile, patients are increasingly demanding ubiquitous access to their records. As healthcare grows more digital, more data is susceptible to compromise and we are seeing this play out with more breaches and highly-publicized headlines around ransomware.”

CHIME added that it was disappointed that CMS did not take its suggestion of giving credit to clinicians for working to strengthen their practices against cybersecurity threats. With providers working toward interoperability, they are integrating new technologies and the healthcare cybersecurity threats will only continue to increase, CHIME noted.  

In March 2016, ONC also highlighted cybersecurity challenges in its annual report to Congress. health data privacy and security are one of several potential barriers to modernizing and integrating the health IT infrastructure, the agency explained.

Implementing federally recognized national interoperability standards, policies, guidance, and practices for electronic health information a top priority for the Department of Health and Human Services (HHS), ONC said, but best practices must be adopted to help further this goal.  

“Health IT is now widely used by most hospitals and providers, and the electronic exchange of health information among these providers continues to increase,” the report’s authors stated. “However, collaborative commitments across government and industry are needed to address remaining challenges for the U.S. to realize the full benefits of a secure, interoperable electronic health information infrastructure that seamlessly supports the health system and provides individuals with safe, person-centered care.”

Dig Deeper:


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks