Latest news with #PHI
Boston Globe
2 days ago
- Health
- Boston Globe
Nursing homes struggle with Trump's immigration crackdown
Eight of Cateau's workers are expected to be forced to leave after having their Temporary Protected Status revoked. TPS allows people already living in the U.S. to stay and work legally if their home countries are unsafe due to civil unrest or natural disasters and during the Biden administration, the designation was expanded to cover people from a dozen countries, including large numbers from Venezuela and Haiti. Get Starting Point A guide through the most important stories of the morning, delivered Monday through Friday. Enter Email Sign Up While those with TPS represent a tiny minority of A.G. Rhodes's 500 staffers, Cateau says they will be 'very difficult, if not impossible, to replace' and he worries what comes next. Advertisement 'It may be eight today, but who knows what it's going to be down the road,' says Cateau, an immigrant himself, who arrived from Trinidad and Tobago 25 years ago. Nearly one in five civilian workers in the U.S. is foreign-born, according to the Bureau of Labor Statistics, but as in construction, agriculture, and manufacturing, immigrants are overrepresented in caregiving roles. More than a quarter of an estimated 4 million nursing assistants, home health aides, personal care aides, and other so-called direct care workers are foreign-born, according to PHI, a nonprofit focused on the caregiving workforce. Advertisement The aging of the massive Baby Boom generation is poised to fuel even more demand for caregivers, both in institutional settings and in individuals' homes. BLS projects more growth among home health and personal care aides than any other job, with some 820,000 new positions added by 2032. Nursing homes, assisted living facilities, home health agencies, and other such businesses were counting on immigrants to fill many of those roles, so Trump's return to the White House and his administration's attack on nearly all forms of immigration has sent a chill throughout the industry. Katie Smith Sloan, chief executive of LeadingAge, which represents nonprofit care facilities, says homes around the country have been affected by the immigration tumult. Some have reported employees who have stopped coming to work, fearful of a raid, even though they are legally in the country. Others have workers who are staying home with children they have kept out of school because they worry about roundups. Many others see a slowdown of job applicants. 'This is just like a punch in the gut,' she says. Rachel Blumberg, chief executive of the Toby and Leon Cooperman Sinai Residences in Boca Raton, Fla., has already lost 10 workers whose permission to stay in the U.S. came under a program known as humanitarian parole, which had been granted to people from Cuba, Haiti, Nicaragua, and Venezuela. She is slated to lose 30 more in the coming weeks with the end of TPS for Haitians. Advertisement 'I think it's the tip of the iceberg,' says Blumberg, forecasting further departures of employees who may not themselves be deported, but whose spouse or parent is. Blumberg got less than 24 hours' notice when her employees lost their work authorization, setting off a scramble to fill shifts. She has already boosted salaries and referral bonuses but says it will be difficult to replace not just aides, but maintenance workers, dishwashers, and servers. 'Unfortunately, Americans are not drawn to applying and working in the positions that we have available,' she says. Front-line caregivers are overwhelmingly female and a majority are members of minority groups, according to PHI, earning an average of just $16.72 hourly in 2023. Long-term care homes saw an exodus of workers as COVID made an already-challenging workplace even more so. Some facilities were beginning to see employment normalize to pre-pandemic levels just as the immigration crackdown hit, though industrywide, there is still a massive shortage of workers. Some in the industry have watched in frustration as Trump lamented how businesses including farming and hospitality could be hurt by his policies, wondering why those who clean hotel rooms or pick tomatoes deserve more attention than those who care for elders. Beyond rescinded work authorizations for people living in the U.S., care homes are having difficulty getting visas approved for registered nurses and licensed practical nurses they recruit abroad. What used to be a simple process now stretches so long that candidates reconsider the U.S. altogether, says Mark Sanchez, chief operating officer of United Hebrew, a nursing home in New Rochelle, N.Y. Advertisement 'There are lines upon lines upon lines,' says Sanchez, 'and now they're saying, 'I'm going to go to Canada' and 'I'm going to go to Germany and they're welcoming me with open arms.'' Looking around a facility with a majority-immigrant staff, the son of Filipino immigrants wonders where his future recruits will come from. 'I don't have ICE coming in my door and taking my people,' Sanchez says, 'but the pipeline that was flowing before is now coming in dribs and drabs.' Long-term care workers are routinely lured away not just by hospitals and doctors' offices, but restaurants, stores, and factories. Half of the average nursing home's staff turns over each year, according to federal data, making the attraction and retention of every employee vital to their operation. Robin Wolzenburg of LeadingAge in Wisconsin began working to place an influx of people from Afghanistan after the U.S. pulled out its final troops four years ago and thousands of refugees arrived in her state. Care homes began hiring the refugees and were so delighted with them, some facilities began hiring refugees who arrived from Ukraine, Somalia, and Congo. Though many homes had employee retention rates around 30 percent, Wolzenburg said the figure was above 90 percent with refugees. Trump has halted most refugee admissions, meaning Wolzenburg's successful outreach program has no new arrivals to target. 'It's been really devastating,' Wolzenburg says. 'Our communities that were actively working with the resettlement agencies are not seeing those referrals to long-term care like we were. There's no refugees coming in.' Lynne Katman, the founder of Juniper Communities, which runs 21 facilities across five states, says it's hard enough to find the right workers with a passion for older adults. Now, just as homes gird for an influx of residents brought on by the country's demographic shift, they're facing another challenge to a stable workforce. Advertisement 'The work is hard. It's not always been the highest paying job that one can get,' she says. 'But many of the immigrants who actually have chosen this work consider caregiving a noble profession.'
Business Journals
5 days ago
- Health
- Business Journals
Ambient AI tools in health care: A new companion for clinicians
Ambient listening artificial intelligence (Ambient AI) is gaining traction in the clinical setting. Ambient AI tools passively 'listen' to conversations between clinicians and patients and, based on these conversations, automatically transcribe and summarize encounters. Ambient AI has the potential to reduce the time that treating clinicians spend documenting patient encounters, which may reduce clinician burnout over time. Importantly, Ambient AI should enhance patient experience and improve the accuracy of patient encounter documentation. Ambient AI systems typically rely on microphones integrated into smartphones, tablets or dedicated in-room devices. These systems use automatic speech recognition with natural language processing and machine-learning algorithms to extract relevant clinical information from a conversation. In many cases, the output is a draft clinical note or a structured data entry into the electronic health record system, without manual input from a clinician. Legal and ethical considerations Ambient AI tools involve unsettled questions of legal and ethical responsibility. As covered entities under the Health Insurance Portability and Accountability Act (HIPAA), clinicians are responsible for implementing measures to maintain the privacy and security of protected health information (PHI). Clinicians must also ensure that their technology vendors, if they receive or maintain PHI on behalf of clinicians, also maintain the privacy and security of PHI. Therefore, clinicians must understand how an Ambient AI tool functions with respect to PHI to apply the appropriate privacy and security standards to the entity that provides the Ambient AI tool. Another important threshold question is whether a clinician must inform patients that the clinician will use an Ambient AI tool to record conversations between the clinician and the patient. Regardless of state law consent requirements for recording conversations, health care settings are unique environments that may mitigate in favor of disclosing the use of Ambient AI to patients. Legal and ethical obligations related to informed consent, transparency and patient trust support the disclosure of the use of an Ambient AI tool. Clinicians should be ready to discuss how Ambient AI is utilized, appreciating that some patients may view the use of an Ambient AI tool to record conversations negatively and may withhold important medical information as a result. Under HIPAA, a patient has a right to adequate notice of the uses and disclosures of PHI by a clinician. Clinicians satisfy this obligation by providing patients a notice of privacy practices (NPP). Current guidance does not specifically address Ambient AI and whether its use must be disclosed. That will likely change. Until then, clinicians must determine, based on how an Ambient AI tool interacts with PHI, whether the tool must be disclosed as part of the clinicians' NPPs. Disclosure is the safest way to ensure compliance. Best practices and compliance recommendations Clinicians considering implementing an Ambient AI tool should: Establish clear protocols to obtain patient consent to use the tool. Understand how the Ambient AI tool functions in order to hold vendors to appropriate privacy and security standards. Develop a fulsome audit strategy to continually monitor the accuracy of the Ambient AI tool's output. expand William P. Keefer, Partner and Co-Leader of Phillips Lytle's Health Care and Life Sciences Team, counsels hospitals, physician groups and other health care clients on a broad array of issues. He can be reached at wkeefer@ or (716) 847-5488. expand
Geek Vibes Nation
08-07-2025
- Health
- Geek Vibes Nation
How To Protect PHI In The Cloud: A Healthcare Guide
Protected Health Information (PHI) refers to a person's health data, including medical records, diagnoses, treatment details, or billing information. This data can be collected and stored when individuals interact with healthcare providers, insurance companies, hospitals, or health-related platforms. Since this information is sensitive and personal, anyone who stores or manages PHI is responsible for keeping it secure, whether it's a healthcare organization, a digital health service, or a cloud provider. This includes information such as: Patient names Medical record numbers Health insurance details Social Security numbers Test results and prescriptions Dates of birth and addresses Billing and payment information PHI becomes especially sensitive because it combines personal identity with private medical data, making it a high-value target for cybercriminals. If this information is exposed or compromised, it can lead to: Identity theft Medical fraud Unauthorized use of insurance benefits Reputational harm Loss of trust in healthcare providers In the wrong hands, even a seemingly minor piece of PHI can be used to construct full identity profiles or conduct fraudulent activities, making the consequences of a data breach potentially devastating for both individuals and healthcare organizations. Moreover, mishandling PHI can trigger serious legal and financial penalties under privacy laws such as HIPAA (in the U.S.), which strictly governs how PHI should be stored, transmitted, and accessed. Because of this high sensitivity and legal responsibility, PHI demands the highest level of protection, especially when stored or processed in cloud environments. Key Challenges of Storing PHI in Cloud Environments Storing PHI in the cloud helps healthcare organisations scale quickly, reduce costs, and improve accessibility. However, it also brings several challenges. From legal compliance to security missteps, each issue needs to be addressed carefully to keep data safe. 1. Meeting Security and Compliance Requirements Healthcare data must comply with strict privacy and security laws such as HIPAA, GDPR, and local regulations. These laws define how PHI should be stored, accessed, and shared. In cloud environments, ensuring compliance requires strong encryption, strict access controls, audit logging, and regular risk assessments. If not implemented correctly, non-compliance can lead to serious penalties. 2. Understanding Shared Responsibility Cloud service providers manage the physical infrastructure and core services. However, healthcare organizations are still responsible for securing their data within the cloud. This includes setting up proper access control, using secure architecture, writing secure application code, applying data encryption, and regularly monitoring their systems. Without this, misconfigurations and security gaps are likely. 3. Rising Cybersecurity Threats PHI is a common target for cyberattacks because it holds high value. Threats like ransomware, phishing, and unauthorized access can lead to data breaches. If attackers gain access, the data can be sold, misused, or leaked, resulting in privacy loss, financial damage, and legal action against the healthcare provider. 4. Cloud Misconfigurations Simple mistakes such as leaving cloud storage buckets publicly accessible or forgetting to enable encryption can expose sensitive data. These misconfigurations often happen during manual setup or due to a lack of proper knowledge, and they're one of the leading causes of PHI exposure. Cloud platforms often rely on third-party tools for added functionality. If these external tools are not secure or compliant, they become a weak link. Healthcare organizations must evaluate every vendor they connect with to ensure they meet security standards. 6. Limited Visibility and Control In traditional on-premise systems, organizations can see and control everything. In cloud environments, that visibility is reduced. It becomes harder to track who accessed what data, when, and from where, especially if real-time monitoring tools like AWS CloudTrail or Azure Monitor aren't in place. 7. Data Location and Jurisdiction Risks Cloud providers may store data across global data centers. If PHI is stored in another country, it may fall under different legal systems. This can lead to conflicts with local regulations and affect data privacy. Healthcare providers must ensure that data is stored in permitted locations. Best Practices to Protect PHI in the Cloud Protecting PHI in the cloud requires a combination of the right technologies, strong policies, and well-planned system design. Below are some essential practices healthcare organizations should follow to keep individual medical data safe and compliant. 1. Choose a HIPAA-Compliant Cloud Provider Cloud providers like AWS, Azure, and GCP offer HIPAA-eligible services along with a signed Business Associate Agreement (BAA). For example, AWS HIPAA compliance ensures that healthcare organizations can use approved cloud services with the required security controls, encryption, and access management to safely process and store PHI. 2. Use Strong Data Encryption Data should be encrypted both at rest (when stored) and in transit (when being shared or moved). Most cloud platforms offer built-in encryption services. Organizations can also use Bring Your Own Key (BYOK) options for better control over encryption keys. 3. Implement Identity and Access Management (IAM) Not everyone needs access to all data. Use role-based access control (RBAC) to limit who can view or modify PHI. Also, enable multi-factor authentication (MFA) to add an extra layer of security when users log in. 4. Design a Secure Cloud Architecture Secure systems start with secure design. Use best practices like: Isolating sensitive workloads using virtual networks Applying firewalls and security groups Limiting public internet exposure Following the principle of least privilege These steps reduce the attack surface and help prevent unauthorized access. 5. Monitor, Audit, and Log Everything Set up continuous monitoring tools to detect unusual activities. Keep logs of who accessed what data and when. Regular auditing ensures that systems are working correctly and helps meet compliance standards. 6. Regular Backups and Disaster Recovery Create automatic backups of critical data and applications. Store them in secure, separate locations. Test your disaster recovery plans regularly to ensure systems can be restored quickly in case of an incident. 7. Train Your Staff Even strong technology can fail if employees are careless. Provide regular training on: Recognizing phishing attacks Following secure login practices Reporting suspicious activity Educated staff play a key role in keeping PHI safe. Conclusion Storing and protecting PHI in the cloud demands more than just a technical setup. It requires a security-first mindset backed by clear compliance measures. With growing data risks and strict regulations, healthcare providers must act wisely. Leveraging reliable and professional cloud consulting services ensures your cloud setup remains secure, HIPAA-compliant, and ready to scale with healthcare demands.
Business Wire
02-07-2025
- Health
- Business Wire
Microsoft's Email Encryption Behavior May Violate HIPAA, New Paubox Report Warns
SAN FRANCISCO--(BUSINESS WIRE)--A new report from Paubox, a leader in HIPAA compliant email, reveals that Microsoft 365's email encryption behavior could be putting healthcare organizations at serious risk of noncompliance. Microsoft 365's email encryption behavior could be putting healthcare organizations at serious risk of noncompliance Share In a series of controlled TLS experiments, Paubox researchers found that Microsoft 365 may transmit messages in cleartext when encryption fails, without bouncing the message, alerting the sender, or logging any evidence of the failure. This occurred when messages were sent to recipient servers that did not support modern TLS protocols. The messages in question contained simulated PHI and were sent in accordance with typical 'force TLS' configurations that many IT leaders believe are sufficient for HIPAA compliance. 'Our team expected the message to bounce,' said Hoala Greevy, CEO of Paubox. 'Instead, it went through unencrypted—and unless you knew where to look in the headers, you'd have no idea.' Microsoft's fallback behavior directly contradicts the expectations outlined in HIPAA's Security Rule (45 CFR §164.312(e)(1)), which requires technical safeguards to ensure PHI is protected in transit. If encryption fails, and there is no way to detect or prove it, healthcare organizations may be unknowingly transmitting PHI without the protections HIPAA requires. According to the report: Microsoft 365 will attempt TLS fallback—and if that fails, deliver in cleartext No warning or notification is provided to the sender Encryption failures are not recorded in any accessible audit trail This behavior is the default, not a misconfiguration Paubox also calls out broader issues with relying on force TLS settings in cloud platforms, calling the practice a 'false sense of security that cannot be audited.' Healthcare IT and compliance leaders are encouraged to review the findings and test their own environments. The full report, How Microsoft and Google Put PHI at Risk, is available here:
Fox Sports
30-06-2025
- Sport
- Fox Sports
2025-26 NBA Odds: How Will Cooper Flagg Fare In Rookie Season?
There wasn't much suspense at the top of the 2025 NBA Draft. Duke star Cooper Flagg was a shoo-in to go No. 1 to Dallas, and now, it's time to look toward the season. How much will Flagg produce during his rookie season? Let's check out the odds at DraftKings Sportsbook as of June 30. Cooper Flagg points per game Over 16.9: -115 (bet $10 to win $18.70 total) Under 16.9: -115 (bet $10 to win $18.70 total) Cooper Flagg rebounds per game Over 6.1: -115 (bet $10 to win $18.70 total) Under 6.1: -115 (bet $10 to win $18.70 total) Right now, the odds say Flagg is projected to average about 16 points and six rebounds. How would those numbers compare to top picks of the past? Let's take a look at the points and rebounds per game for No. 1 picks during their rookie seasons in the last 10 years. Zaccharie Risacher (2024, ATL): 12.6 points, 3.6 reboundsVictor Wembanyama (2023, SAS): 21.4 points, 10.6 reboundsPaolo Banchero (2022, ORL): 20 points, 6.9 reboundsCade Cunningham (2021, DET): 17.4 points, 5.5 reboundsAnthony Edwards (2020, MIN): 19.3 points, 4.7 reboundsZion Williamson (2019, NO): 22.5 points, 6.3 reboundsDeandre Ayton (2018, PHX): 16.3 points, 10.3 reboundsMarkelle Fultz (2017, PHI): 7.1 points, 3.1 reboundsBen Simmons (2016, PHI): 15.8 points, 8.1 rebounds Karl-Anthony Towns: (2015, MIN): 18.3 points, 10.5 rebounds First off, of those 10 names, four of them won Rookie of the Year (Wembanyama, Banchero, Simmons, Towns). Flagg is currently the -185 favorite to do the same. From a statistical perspective, only Risacher, Fultz and Simmons averaged fewer than 16 points, and Risacher, Cunningham, Edwards and Fultz averaged fewer than six rebounds, the marks that Flagg is expected to hit. Wembanyama, Ayton and Towns are the only three No. 1 picks in the last decade to average double-doubles as rookies. During his single season at Duke, Flagg averaged 19.2 points and 7.5 rebounds en route to winning a bevy of awards, including the Wooden Award. Want great stories delivered right to your inbox? Create or log in to your FOX Sports account, and follow leagues, teams and players to receive a personalized newsletter daily! recommended Get more from National Basketball Association Follow your favorites to get information about games, news and more
