DHS issues emergency hijacking directive
The Department of Homeland Security sent a rare emergency directive to HHS and other agencies, giving them 10 days to secure their DNS infrastructure.
The directive comes after the Certified Information Systems Auditor (CISA) detected a tampering campaign that was redirecting web and mail traffic from several federal agencies. It didn't specify which agencies were affected, precisely, but all federal agencies must now audit their DNS servers and change their DNS account passwords.
“CISA recommends agencies prioritize NS records and those associated with key agency services offered to organizational users and the public (for example, websites that are central to the agency’s mission, MX records, or other services with high utilization),” officials wrote. (Health IT Security article)
North Carolina readies for take 2 on data breach notification law
A year after their first attempt at reforming North Carolina's data breach notification law, legislators are reintroducing a revised version. The bill, which mandates that organizations report a breach within 30 days of discovering it, would cut the current notification time in the state in half.
“We are strongly committed to getting this right and creating a strong framework for protecting our most personal information,” North Carolina Representative Jason Saine, R-Lincoln County, one of the members who introduced the bill, said in a statement.
Similar laws are under consideration in several other states as well. (Health IT Security article)
Vanderbilt demos AI-powered voice assistant for EHRs
In a first for providers, Vanderbilt University Medical Center is developing a voice assistant for its electronic health record system. The goal, according to its developers, is to make it easier for physicians to retrieve a piece of information from a patient's file during an exam.
"It is a time-consuming and tactually complicated effort to understand the patient story," said Yaa Kumah-Crystal, M.D., core design adviser at Vanderbilt. "Often you know what piece of information you want but are forced to forage through a graphical user interface designed by someone that does not understand your clinical workflow. This can be an exasperating experience and one of the reasons EHRs often are cited as contributors to physician burnout."
The medical center is consulting with Epic, which is also working on a voice assistant for EHRs. (Healthcare IT News article)