Latest news with #patientdata


The Independent
08-07-2025
- Health
- The Independent
Doctors against Palantir's NHS software put ‘ideology over patient interest'
Doctors who oppose the use of software developed by Palantir in the NHS have 'chosen ideology over patient interest', the UK boss of the tech giant has told MPs. Louis Mosley appeared in front of the Science, Innovation and Technology Committee on Tuesday as part of its innovation showcase. While there, he also challenged claims that Palantir has a 'reputational difficulty' and said it is 'very proud' of the work it does in Israel. Palantir was co-founded by billionaire tech entrepreneur Peter Thiel, who was an early backer of US President Donald Trump, and has worked with the US government. It was announced in November 2023 that a group led by Palantir had secured a £330 million contract to provide the NHS Federated Data Platform (FDP). The shared software system will aim to make it easier for health and care organisations to work together and provide better services to patients, but Palantir's involvement sparked concerns about how patient data will be used. When asked by MPs about how the company protects patient privacy, and if data would be processed outside of the UK, or be accessible by any foreign government, Mr Mosley said: 'The critical thing to bear in mind about the way our software works and the way it's deployed in the NHS, is that the data controllers – so those organisations that have that legal responsibility, in the NHS those are trusts, typically – they maintain control over their data. 'So each of them gets their own instance of our software, and they control who has access to it, they control what data is integrated into it, and they, in effect, implement and enforce the data protection policies that they deem appropriate.' He also emphasised Palantir does not 'derive any economic benefit from the data, the data belongs to the customer'. Mr Mosley claimed that medics who oppose Palantir's involvement in the FDP as choosing 'ideology over patient interest'. It comes after the British Medical Association (BMA) passed a motion stating the company is an 'unacceptable choice' for the FDP at its annual representative meeting in Liverpool last month. The union's members voted in favour of the BMA lobbying against the introduction of Palantir software in the health service, and called for the Department of Health and Social Care to create an audit of the progress of the uptake of the systems throughout the NHS. When asked about this, Mr Mosley said: 'I was very disappointed to see that. I think the accusation that we lack transparency or this is secretive is wrong. 'I think the BMA has, if I may be frank, chosen ideology over patient interest. 'I think our software is going to make patient lives better; so making their treatment quicker, more effective, and ultimately the healthcare system more efficient. 'And I, as a patient, and a user of the NHS, I want it to be as quick and efficient as possible. 'I'm very sad, frankly, that the ideology seems to have taken precedence over those interests.' The BMA vote comes a little over a year since health workers blockaded the entrance to NHS England's headquarters to call for an end to Palantir's contract. In April 2024, hundreds of NHS workers protested in central London, holding placards which read 'No Palantir in the NHS' and 'Palantir aids apartheid'. Mr Mosley also pushed back against claims about Palantir's reputation. It was put to Mr Mosley that Palantir has a 'reputational difficulty' by Conservative MP Kit Malthouse. 'Everybody's slightly suspicious of what you do,' he said. 'And part of that reputational difficulty has been caused by your software being used in war on Gaza and the targeting of Palestinians with particular characteristics. 'What protections would you put in place for UK programmes to make sure they're not complicit in the commission of war crimes?' Mr Mosley said he would 'push back' on the question around reputation, adding: 'I think much of that concern and suspicion that you mentioned is the result of misunderstandings about the nature of our software, the nature of our business model and the kind of work we support. 'I would emphasise the fact that we have never worked and will never work in countries that are adversarial to the west, like China or Russia or Iran. 'We do work in Israel. We're proud of the work that we do there. We have provided the Israelis with support since October 7, but also our work there predates those events. 'I can't go into operational details of the way in which our software is used, but I can assure you that I think the systems to which you would think, like Lavender, for example, are not ones that we are involved in.'

Yahoo
26-06-2025
- Business
- Yahoo
Electronic Health Records (EHR) Market Valued at USD 33.45 Billion in 2024, Set to Grow at 4.59% CAGR Through 2032
EHR industry is booming due to rising digitalization, regulatory mandates, and demand for streamlined patient data access. Key players like Epic Systems, Cerner (Oracle), and Allscripts dominate with innovative, cloud-based solutions. Growing investments in telehealth and AI integration continue to accelerate market expansion across hospitals and ambulatory care settings. San Francisco, USA, June 25, 2025 (GLOBE NEWSWIRE) -- The was valued at USD 33,451.20 million in 2024 and is projected to grow at a CAGR of 4.59% from 2025 to 2032. This growth is driven by the global shift toward digital healthcare infrastructure, government mandates for record standardization, and the rising demand for efficient patient data management across hospitals, clinics, and ambulatory care centers. EHR systems are digital versions of a patient's paper chart, offering real-time, patient-centered records that make information instantly and securely available to authorized users. They are critical for improving coordination between care providers, minimizing medical errors, and enhancing overall clinical outcomes. Government initiatives worldwide are playing a key role in promoting EHR adoption. Programs such as the U.S. HITECH Act, the EU's digital health transformation goals, and India's Ayushman Bharat Digital Mission are pushing healthcare providers toward digitization. At the same time, the rise of value-based care, telehealth, and mobile health applications has increased the need for interoperable and cloud-based EHR systems. The market is witnessing significant technological advancements, including integration with AI, predictive analytics, and mobile platforms, which enable better clinical decision-making and patient engagement. However, challenges such as high implementation costs, data privacy concerns, and interoperability issues between different systems remain key hurdles, particularly in emerging markets. North America dominates the global EHR market, backed by strong digital infrastructure and initiatives like the U.S. HITECH Act, which allocated over $35 billion to promote EHR adoption. Meanwhile, Asia-Pacific is emerging as the fastest-growing region, fueled by rising healthcare investments—India's health budget rose 13% in 2023—and national digitization drives like China's 'Healthy China 2030.' Supportive policies, growing urbanization, and expanding patient volumes are accelerating EHR integration across the region, attracting global players and investors alike. Unlock in-depth insights and forecasts – Get your FREE sample report of the EHR market today: Key Players- Detailed Competitive Insights Cerner Corporation GE Healthcare Veradigm LLC Epic Systems Corporation eClinicalWorks Greenway Health, LLC NextGen Healthcare, Inc. Medical Information Technology, Inc. CPSI AdvancedMD, Inc. Allscripts Healthcare Solutions MEDHOST Athenahealth McKesson Corporation Siemens Healthineers Oracle Corporation Market Dynamics Drivers Government Mandates and Incentives: Many countries are accelerating Electronic Health Records (EHR) adoption through targeted policies. In the U.S., CMS's Promoting Interoperability Program ties Medicare reimbursements to EHR usage. Germany's Hospital Future Act allocated €4.3 billion for digital upgrades, while Australia's My Health Record achieved over 90% population coverage. India's Ayushman Bharat Digital Mission aims to create a unified health ID system, promoting seamless data exchange. These initiatives are driving global healthcare digitalization and fostering integrated patient care systems. Rising Demand for Streamlined Healthcare Delivery: For example, Mayo Clinic uses integrated EHRs to reduce duplication, streamline workflows, and access real-time patient data—cutting documentation time and improving care coordination across departments and specialties. Growth in Telehealth and Remote Monitoring: The global shift toward telemedicine post-COVID-19 has increased the need for centralized digital records that can be accessed remotely. This trend is pushing both public and private healthcare providers to invest in cloud-based and interoperable EHR systems. Data-Driven Decision Making in Healthcare: As data becomes a core asset in personalized medicine and value-based care models, EHRs serve as critical repositories of patient history, lab reports, medications, and imaging data. Challenges High Implementation and Maintenance Costs: The cost of deploying EHR software, training staff, and maintaining IT infrastructure can be prohibitive for small healthcare facilities, especially in developing nations. Interoperability and Data Security Concerns: Although EHRs are designed to improve information sharing, achieving true interoperability across different systems remains a challenge. Moreover, the sensitive nature of health data makes security and compliance with data protection regulations (like HIPAA and GDPR) a critical issue. Opportunities Integration with AI and analytics in EHRs enables predictive insights—such as Mount Sinai Hospital using AI models within EHRs to identify sepsis risk early, improving response time and patient outcomes. This innovation is driving demand for intelligent, data-driven systems. Mobile and Cloud-Based EHRs: The adoption of mobile health apps and cloud platforms enables real-time access to health data, especially beneficial in rural and underserved regions. Regional Insights North America North America holds 42.50% of the global EHR market, driven by the U.S.'s early adoption and digital health funding. Epic Systems powers major hospital networks like Kaiser Permanente, while Canada's Infoway initiative accelerates EHR integration, ensuring secure, interoperable data across provinces. Europe Europe is a mature yet fragmented market for EHRs. Countries like Germany, the UK, and the Netherlands are progressing well in EHR integration, while others lag due to privacy concerns and inconsistent digital policies. The EU's push toward unified health records under the European Health Data Space initiative could streamline EHR adoption across member states. Asia-Pacific The Asia-Pacific region is projected to witness the fastest growth during the forecast period. Rapid urbanization, increased healthcare spending, and the digitalization efforts in countries like India, China, and Australia are major contributors. Government-backed programs such as India's Ayushman Bharat Digital Mission and China's Smart Healthcare initiative are significantly driving EHR deployment. Latin America & Middle East Both regions are gradually embracing EHR systems. Brazil, Saudi Arabia, and the UAE have initiated digital health reforms. However, budget constraints and a lack of infrastructure remain key barriers. International partnerships and private investments are expected to unlock growth potential in these markets. TABLE OF CONTENT 1. Electronic Health Records Market Overview 1.1. Study Scope 1.2. Market Estimation Years 2. Executive Summary 2.1. Market Snippet 2.1.1. Electronic Health Records Market Snippet By Product 2.1.2. Electronic Health Records Market Snippet By Type 2.1.3. Electronic Health Records Market Snippet By Business Model 2.1.4. Electronic Health Records Market Snippet By Application 2.1.5. Electronic Health Records Market Snippet By End Use 2.1.6. Electronic Health Records Market Snippet by Country 2.1.7. Electronic Health Records Market Snippet by Region 2.2. Competitive Insights 3. Electronic Health Records Key Market Trends 3.1. Electronic Health Records Market Drivers 3.1.1. Impact Analysis of Market Drivers 3.2. Electronic Health Records Market Restraints 3.2.1. Impact Analysis of Market Restraints 3.3. Electronic Health Records Market Opportunities 3.4. Electronic Health Records Market Future Trends 4. Electronic Health Records Industry Study 4.1. PEST Analysis 4.2. Porter's Five Forces Analysis 4.3. Growth Prospect Mapping 4.4. Regulatory Framework Analysis 5. Electronic Health Records Market: Impact of Escalating Geopolitical Tensions 5.1. Impact of COVID-19 Pandemic 5.2. Impact of Russia-Ukraine War 5.3. Impact of Middle East Conflicts 6. Electronic Health Records Market Landscape 6.1. Electronic Health Records Market Share Analysis, 2024 6.2. Breakdown Data, by Key Manufacturer 6.2.1. Established Players' Analysis 6.2.2. Emerging Players' Analysis 7. Electronic Health Records Market – By Product 7.1. Overview 7.1.1. Segment Share Analysis, By Product, 2024 & 2032 (%) 7.1.2. On-premises 7.1.3. Web & Cloud-Based EHR 8. Electronic Health Records Market – By Type 8.1. Overview 8.1.1. Segment Share Analysis, By Type, 2024 & 2032 (%) 8.1.2. Acute 8.1.3. Outpatient 8.1.4. Post Acute 9. Electronic Health Records Market – By Business Model 9.1. Overview 9.1.1. Segment Share Analysis, By Business Model, 2024 & 2032 (%) 9.1.2. Licensed Software 9.1.3. Technology Resale 9.1.4. Subscriptions 9.1.5. Professional Services 9.1.6. Others 10. Electronic Health Records Market – By Application 10.1. Overview 10.1.1. Segment Share Analysis, By Application, 2024 & 2032 (%) 10.1.2. Cardiology 10.1.3. Neurology 10.1.4. Radiology ……… Reasons to Invest in the EHR Market Essential Role in Modern Healthcare Systems EHRs are no longer optional but a fundamental part of modern healthcare. As hospitals strive to improve patient care, safety, and efficiency, EHRs serve as a backbone for digital health ecosystems. Regulatory Push and Compliance Standards Investment in compliant EHR systems helps healthcare providers align with stringent data protection laws while avoiding penalties and securing patient trust. Increasing Healthcare Expenditure Globally, healthcare budgets are expanding. A significant portion is being directed toward digital infrastructure, making EHR vendors prime beneficiaries of government and institutional funding. Rising Adoption of Cloud and AI Technologies EHR vendors integrating cloud capabilities and AI features offer enhanced scalability, analytics, and patient engagement. These smart EHRs are more future-proof and attractive to investors. Long-Term Cost Benefits for Healthcare Providers Despite initial costs, EHR systems lead to long-term savings by reducing administrative workload, avoiding duplication of tests, and minimizing errors. Future Outlook The Electronic Health Records (EHR) market is poised for a tech-driven evolution, with AI integration, cloud-based platforms, and interoperability leading the way. By 2032, real-time data exchange, as seen in the U.K.'s NHS Federated Data Platform and India's Ayushman Bharat Digital Mission, will become standard. Growing cybersecurity investments and patient-centric innovations are redefining EHR functionality. With global healthcare systems embracing value-based care, the market is set for intelligent, adaptive, and patient-connected growth worldwide. Discover the Full Study : Explore More Research Titles in the Healthcare Category by AnalystView Market Insights: CRISPR-Based Diagnostics Market- Pain Management Therapeutics Market- Immunohistochemistry Market- Disposable Blood Pressure Cuffs Market- Clinical Trial Central Laboratory Services Market- AI for Predictive Healthcare Market- Healthcare Analytics Market- Patient Handling Equipment Market- Sterilization Equipment Market- Mayank Agrawal mayank@ 11923 NE Sumner St STE 750924 Portland, Oregon, 97220, USAError in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data


Malay Mail
13-06-2025
- Malay Mail
Former National Dental Centre Singapore staff accused of taking illicit photos of female patients' breasts
SINGAPORE, June 13 — A former employee of the National Dental Centre Singapore (NDCS) was charged in court today over alleged offences involving voyeuristic acts and unauthorised access to patient data. According to Channel News Asia (CNA), Elgin Ng, 28, is accused of taking intrusive photographs of women's breasts — described in charge sheets as 'top-down and bottom-up' shots — without their consent. The court documents did not detail the method used. Ng faces 25 counts of voyeurism, each relating to a different woman. Their identities are protected under a gag order. The alleged incidents span a two-year period from March 2022 to April 2024. He also faces one charge of distributing voyeuristic images. Prosecutors said Ng allegedly sent the illicit material to another man on at least two occasions between May and June this year. In addition to the voyeurism charges, Ng was also handed four counts under the Computer Misuse Act. Two of these relate to accessing the personal data of 18 patients in 2023 and 2024 without authorisation. The remaining charges allege that he downloaded photographs of 42 patients from the centre's systems between 2022 and 2023. NDCS confirmed that Ng is no longer employed at the centre. Responding to queries from CNA, a spokesman said an internal probe was launched after the matter came to light, and a police report was filed. 'Protecting the safety, privacy and data of our patients is of paramount importance to us,' the spokesman said. 'We take a serious view of data breach incidents and do not condone such misconduct.' The centre declined to comment further, citing ongoing court proceedings. Ng did not enter a plea. His next court appearance is scheduled for July 8. If convicted of voyeurism, he faces up to two years in jail, a fine, caning, or any combination of these penalties. Distributing voyeuristic content carries a maximum five-year jail term, while unauthorised access to computer data is punishable by up to two years' jail, a fine of up to S$5,000 (RM16,550), or both.


Medical News Today
28-05-2025
- Business
- Medical News Today
HIPAA rights: What they are, who they apply to, and more
What are they? Who must follow them? Who does not? FAQ Summary The Health Insurance Portability and Accountability Act (HIPAA) protects patient health information and provides individuals with rights to control the use and disclosure of their health information. The United States enacted HIPAA in 1996. HIPAA applies to organizations, healthcare professionals, and insurers who handle patient data. This article looks at HIPAA rights, who must follow HIPAA regulations, and which information HIPAA protects. FreshSplash/Getty Images HIPAA rights are federal laws that protect a person's privacy and security in relation to their health information. The Right to Access allows people to access their protected health information (PHI). Healthcare professionals must provide individuals access to their PHI within 30 days of requesting it. People can also request an electronic or hard copy of the information. The Right to Access includes all health-related information, except information that a healthcare professional collects for legal purposes or psychotherapy notes. An individual can request a change to their PHI if they believe their health information is incomplete or inaccurate. The covered entity must respond to the request for amendment within 60 days of receiving the request. A covered entity refers to a healthcare professional or organization that handles patient data and is required to follow HIPAA regulations. An individual has the Right to Request Restrictions on the use and disclosure of their PHI. This includes: disclosure to people involved in an individual's healthcare or billing disclosure to notify others, such as family members, of a person's condition, location, or death If covered entities agree to the request, they must follow the restrictions, except when treating someone in a medical emergency. Covered entities have no obligation to agree to restriction requests. They have a right to request an alternative method of communication to the one that the covered entity may typically use. People can also request a certain address for receiving communication. Accounting of Disclosures is a record detailing why and when a covered entity disclosed a person's PHI, which people have a right to access. Covered entities do not need to account for disclosures for healthcare operations, treatment, or payment. Covered entities must keep accounting of disclosure records for six years. A covered entity must receive written authorization from the individual to use or disclose any PHI that is not for healthca re operations, treatment, or payment purposes. An individual has the right to revoke their authorization of the use or disclosure of their PHI at any time. People must make the request in writing, which becomes effective once the covered entity receives it. The HIPAA Privacy Rule requires covered entities to provide a Notice of Privacy Practices (NPP) and abide by the terms. These terms include: how the covered entity may use or disclose a person's PHI the duties of the covered entity to protect the privacy of the individual, and a description of their rights stating the right a person has to complain to the covered entity and the U.S. Department of Health and Human Services (HHS) if they believe there has been a violation of their privacy rights providing a point of contact for making complaints or requesting further information The following covered entities must follow HIPAA regulations: Health plans: This includes health insurance companies, company health plans, and government healthcare programs such as Medicare and Medicaid. This includes health insurance companies, company health plans, and government healthcare programs such as Medicare and Medicaid. Healthcare providers: This describes providers who carry out electronic transactions, such as sending a health bill electronically. This includes most providers such as hospitals, clinics, healthcare professionals, pharmacies, and nursing homes. This describes providers who carry out electronic transactions, such as sending a health bill electronically. This includes most providers such as hospitals, clinics, healthcare professionals, pharmacies, and nursing homes. Healthcare clearinghouses: A healthcare clearinghouse is a third-party organization that processes data between entities, such as between healthcare providers and insurance companies. A healthcare clearinghouse is a third-party organization that processes data between entities, such as between healthcare providers and insurance companies. Business associates: Business associates of covered entities must also follow HIPAA regulations. Business associates are people or companies outside of the covered entity who may need to access PHI, such as lawyers, IT specialists, or billing companies. In many cases, the following organizations do not have to follow HIPAA regulations: employers schools and school districts law enforcement agencies state agencies, such as child protective services municipal offices life insurers workers compensation carriers The following information is protected under HIPAA regulations: information in a person's medical record from healthcare professionals conversations between healthcare professionals about a person's healthcare and treatment, such as between a doctor and a nurse personal information stored in a health insurer's computer system a person's billing information at a clinic most health information that a covered entity holds about an individual Under HIPAA regulations, health information is protected in the following ways: safeguards that covered entities and business associates must put in place to protect PHI and prevent improper use or disclosure of PHI covered entities must only use, disclose, or request the 'minimum necessary' information to meet the intended purpose procedures that covered entities must put in place to limit who is able to access health information covered entities must carry out training programs for employees on protecting health information Under HIPAA regulations, health information can be looked at and received for the following reasons: coordinating a person's treatment and care healthcare payments other people involved in a person's healthcare or billing, unless the person objectsensuring cleanliness, safety, and proper care in healthcare facilities public health protection, such as reporting local flu outbreaks necessary police reports, such as gunshot wounds However, an individual's health information cannot be used or shared without their written permission unless this law allows it. For example, without authorization from the individual, a provider generally cannot: give an individual's information to their employer use or share their information for marketing or advertising purposes sell their information HIPAA rights help protect the privacy and use of an individual's health information. Examples of HIPAA rights include the Right to Access, the Right to Request Amendments, and the Right to Request Restrictions. Certain covered entities must comply with HIPAA rights, such as health plans, providers, and clearinghouses. People may want to contact a healthcare professional or the HHS for more information about HIPAA rights. Health Insurance / Medical Insurance Regulatory Affairs / Drug Approvals


Sky News
28-05-2025
- Health
- Sky News
NHS trusts' data 'stolen' in cyberattack
NHS trusts had information stolen in the latest cyberattack on the UK health service, experts have told Sky News, with concerns raised that patient data might be vulnerable in such incidents. University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have been named as those exposed via a recently discovered exploit. NHS England told Sky News it is monitoring the situation - with the UK's top cybersecurity defence team at the National Cybersecurity Centre (NCSC). Cody Barrow is the chief executive of EclecticIQ and previously worked at the Pentagon, US Cyber Command and the NSA. The firm analyses cyberattacks and uncovered the extent of this incident. He told Sky News such attacks raise the "potential for unauthorised access to highly sensitive patient records". Analysts at EclecticIQ have identified victims of the hack spanning agencies and businesses across Scandinavia, the UK, US, Germany, Ireland, South Korea and Japan. Sky News has been shown evidence of the trusts in the UK being accessed maliciously. Rather than a ransomware attack, data was taken clandestinely after hackers exploited holes in software. In this case, the vulnerability was in a piece of software called Ivanti Endpoint Manager Mobile (EPMM) - a programme that helps businesses manage employee phones. The hole in Ivanti's software was first discovered on 15 May, and it has since been fixed - although there are warnings that systems previously exploited could still be vulnerable. The vulnerability in Ivanti's software allowed hackers to access, explore and run programmes on their target's systems. According to the experts at EclecticIQ, the kind of data accessed included staff phone numbers, IMEI numbers, and then technical data like authentication tokens. Such attacks can leave hackers able to access other data like patient records and further parts of the network via a process called remote code execution (RCE) - running programmes on compromised systems. The analysts said they have identified the hackers exploiting the Ivanti backdoor as having used an IP address based in China. Alongside this, the way the hackers operate is similar to how previous China-based actors behaved. Such attacks can occur when hackers use an automated scan of the internet to find examples of vulnerable software, rather than being targeted. Mr Barrow told Sky News: "This situation represents another urgent wake-up call for the NHS. With threat actors actively exploiting these vulnerabilities, we're not looking at a distant or theoretical risk. The targeting is happening now, and the consequences could be felt across the healthcare system. "The potential compromise scope goes well beyond data theft. We're looking at the potential for unauthorised access to highly sensitive patient records, the disruption of crucial appointment systems, and even interference with critical medical devices that are vital for daily patient care." "This strikes at the heart of patient safety and care delivery," Mr Barrow added. "The impact wouldn't be isolated, it could cause cascading effects cancelled surgeries, delays in urgent treatments, and medical devices failing when needed most. We've seen this before. "Past cyberattacks have shown the chaos that ensues, directly threatening patient outcomes, putting lives at risk and forcing frontline staff to work under extreme pressure. "Beyond immediate operational chaos, these vulnerabilities also profoundly erode public trust in the NHS's capacity to safeguard both their data and their health. "The immediate directive for NHS trusts to engage their cybersecurity teams underscores the severity. The response to this kind of cyber threat needs to be treated with the same urgency as a medical emergency." 👉 Listen to Sky News Daily on your podcast app 👈 A spokesperson for NHS England told Sky News: "We are currently investigating this potential incident with cybersecurity partners, including the National Cyber Security Centre, and the trusts mentioned. "NHS England provides 24/7 cyber monitoring and incident response across the NHS, and we have a high severity alert system that enables trusts to prioritise the most critical vulnerabilities and remediate them as soon as possible." A spokesperson for Ivanti said they had released a fix for the vulnerability in their software. A NCSC spokesperson said: "We are working to fully understand UK impact following reports that critical vulnerabilities in Ivanti Endpoint Manager Mobile are being actively exploited. "The NCSC strongly encourages organisations to follow vendor best practice to mitigate vulnerabilities and potential malicious activity. "Vulnerabilities are a common aspect of cyber security, and all organisations must consider how to most effectively manage potential security issues." "We remain committed to collaboration and transparency with our stakeholders and the broader security ecosystem," it added. "At the time of disclosure, we are aware of a very limited number of on-premise EPMM customers whose solution has been exploited."