What Are Telehealth Scams?

Telemedicine scams misuse virtual health care platforms to defraud patients, providers and government programs. These schemes often appear legitimate, only to exploit sensitive data or commit fraud for money.

The financial consequences can be significant. Within the last few years, the Justice Department has focused more on these digital health platforms, as they have become more embedded in everyday care delivery. In 2024, its National Health Care Fraud Enforcement Action pursued felony charges against 193 defendants across the United States.

Thirty-six of those were directly tied to telemedicine-related fraud schemes, which involved over $1.1 billion in fraudulent claims submitted to Medicare. The federal government has begun to crack down on virtual health care because the distance and deployment of technology are exacerbating the potential for fraud.

Common Types of Telehealth Scams

Online health care scams involve various tactics, including:

• Fake telehealth providers: Scammers pose as licensed doctors or health services, setting up fake websites that trick patients into providing payment or insurance details.
• Phantom billing: Fraudsters use stolen credentials or manipulate electronic health record (EHR) systems to bill Medicare or insurers for services never provided.
• Kickback schemes: Fraudulent telehealth operations often pay providers or marketers to refer large volumes of unnecessary services or prescriptions, violating anti-kickback statutes.
• Phishing and impersonation: Cybercriminals send emails or texts mimicking telehealth platforms, luring users to click malicious links or submit personal data under false pretences.

While fraudsters will use various deceptive tactics, they all have one goal in mind. Their objective is to steal a Social Security number, financial credentials, or insurance information and use it for fraudulent billing or identity theft. Telehealth services are expanding each day, so criminals are constantly coming up with new ways to target doctors and patients to evade authorities and health care companies.

Warning Signs to Be Aware Of

Telehealth scams often leave traces within digital systems that IT professionals can look for to prevent large-scale fraud and data breaches.

Abnormal Billing or Usage Patterns

Watch for sudden increases in telehealth billing codes or claims for services outside the organization’s typical offerings. Repeated billing from the same IP address or provider account may also indicate automation or fraudulent activity behind the scenes.

Suspicious Authentication Activity

Unauthorized login attempts can point to compromised credentials. Repeated failed logins or unusually long user sessions may signal bot-based attacks or unauthorized remote access.

Third-Party Platform Vulnerabilities

Be cautious when onboarding new telehealth tools or integrations. Vendors that cannot provide clear compliance documentation or attempt to bypass vetting processes should raise concerns. Unsupported APIs or unpatched tools can also be weak entry points for scammers.

Inconsistent Patient or Provider Data

Scammers often create slightly altered records to evade detection. For instance, discrepancies may occur in patient-reported visits. If the number of visits exceeds the records in an EHR system, this is a sign worth investigating.

This also goes for provider data. Scammers may try to procure fake identities using generating tools to pose as a doctor to steal or fabricate information.

Steps Health Care IT Teams Can Take

IT leaders can take action against the growing threat of telehealth scams by implementing several digital defences.

Implement Multi-Factor Authentication (MFA) and Access Controls

Enforce MFA across all telehealth platforms and patient portals. Limit access based on roles to ensure only authorized personnel can schedule virtual appointments or bill services.

Conduct Regular Security Audits and Log Monitoring

Schedule routine audits of login records, provider activity and claims data. Establish automated alerts to flag anomalies, such as login attempts from unfamiliar devices or sudden changes in billing behaviour. Early detection is critical for halting fraud before it spreads.

Vet Third-Party Vendors

Before onboarding any telehealth vendor, verify their HIPAA compliance, review their security documentation and conduct vulnerability assessments. Avoid integrations with platforms that lack transparent data handling practices or cannot support routine audits.

Communicate Risks and Best Practices to Patients

Work with clinical and communications teams to educate patients about safe telehealth practices. Create easy-to-understand guides that explain how to verify provider legitimacy and report concerns. Consider hosting security tips directly within patient portals.

Train Staff to Spot Red Flags

Educate clinical and administrative teams on recognizing phishing attempts and unexpected requests for sensitive data. For instance, scammers have previously sold fake at-home COVID-19 test kits in exchange for Medicare or personal information, then fraudulently billed Medicare. Teaching teams to verify sources before disclosing or entering data can prevent similar schemes.

Work With Legal and Compliance Teams

IT, legal and compliance teams should collaborate to maintain policies for responding to suspected breaches. They should also revisit telehealth workflows to ensure all virtual care tools align with regulatory standards and fraud prevention protocols.

Strengthening the Front Lines of Virtual Care

Telehealth has become an important service for patients with access to fewer health care resources. However, it offers various entry points for scammers to commit fraud. With this in mind, health care IT teams must stay alert and watch for the latest tactics in virtual health care scams. When implementing a mix of strategies, they can uphold the integrity of online medical care and maintain proactive defences.

By Zac Amos, ReHack

The post Combating the Rise of Telehealth Scams appeared first on .

As health technology (health tech) and the role it can play in transforming the health service becomes vital to the future of the NHS, the need for a clearer definition and segmentation of what “health tech” comprises, and the way we assess the different elements of this wide collection of products, is becoming more important.

The recent commitment from Health Secretary Wes Streeting to embed innovation at the heart of the upcoming 10-Year Health Plan demonstrates the NHS’s ambition to use technology to transform patient care.^[1] Yet, the lack of differentiation around the umbrella term “health tech” is a significant challenge; not just for innovators, but also for commissioners and policymakers who are tasked with assessing and adopting new solutions. Without a shared understanding, we risk slowing down innovation that could deliver better outcomes for patients and unlock greater efficiency for the health service.

The Health Tech Alliance, a coalition of health tech companies and bodies from across the NHS and wider health system, believes that a high level taxonomy of health tech is essential, given the eclectic mix of products the term encompasses. By establishing clearer distinctions between the very different technologies we can support innovators in navigating the complex evaluation landscape, help commissioners make more informed decisions, and ultimately ensure that patients benefit from the most effective modern technologies.

Why the term “health tech” needs redefining

It is encouraging that so much innovation is being developed that not only has potential to transform patient services but to improve productivity and efficiency in the health service. However, in recent years, “health tech” has become a catch-all term, used interchangeably with “MedTech” and applied to everything from traditional medical devices to the latest digital health innovations.

The lack of clear distinction leads to something of a “one-size-fits-all” approach to product evaluation and adoption which is neither proportionate nor efficient. For instance, the wide differences between digital apps, personalised products (such as ostomy and continence care), replacement joints and commodities such as lancets, means each group needs a fundamentally different approach to evaluation and route to market.

Some health tech, such as implants or diagnostics, require rigorous, long-term evidence of safety and efficacy. Others, like personalised digital apps or software platforms, should be evaluated more on usability, data security, and clinical effectiveness. AI-enabled technologies are now included in most of these categories, blurring the lines further.

We support the recent call from the Office for Life Sciences for a “formal redefinition of UK HealthTech to encapsulate emerging technologies and reduce ambiguity surrounding what does and does not constitute HealthTech activity”.^[2] NICE and the Health Technology Assessment (HTA) community are at the early stages of thinking about how this might be implemented, but the direction of travel is clear.

A practical breakdown for smarter procurement and evaluation

To streamline health tech procurement and evaluation, we have to move beyond the idea of health tech as a single, catch-all category. Instead, we should adopt a practical, implementable high-level taxonomy across all relevant players that distinguishes between key categories. Through a series of recent workshops with partners from industry and the wider health system, including NICE, DHSC, NHSE and local procurement leaders, the Health Tech Alliance now offers this “straw man” of how such a taxonomy might be developed:

Complex free-standing equipment

A huge range of long-standing and innovative devices including dialysis machines, scanners and so many more.

Commodities

This category could cover a range of both simple and complex devices but those which are generally not patient specific, from simple dressings through to complex surgical equipment. Some will have a digital element, others will not. Clearly the assessment will vary greatly across these sub categories.

Implantables

This will also need further refinement to differentiate between those which have no digital element e.g. joint replacements and those which do, such as pacemakers.

Diagnostics

Including in vitro diagnostic medical devices (IVDs) such as blood grouping reagents, pregnancy test kits, and hepatitis B test kits.

Digital health and software

Standalone software, clinical decision support, mobile apps, and remote consultation platforms. This category includes tools for both prevention and wellbeing, as well as diagnosis and treatment.

Personalised Products

Products which need to be specific to individual patients such as ostomy and incontinence technologies, and some digitally enhanced wound care.

Robotics

An increasing field which requires complex evaluation.

Telemedicine platforms and remote monitoring systems

These technologies facilitate care delivery and often require bespoke evaluation.

AI-enabled and connecting technologies

Software and platforms that use AI to drive other devices, support decision-making, or connect patients and clinicians.

Each of these categories has different risk profiles and intended uses, which means they need tailored evaluation pathways. For example, digital health tools may benefit from lighter-touch, faster approval routes, while implants and complex robotics need more robust scrutiny.

Unlocking efficiency and better outcomes

Adopting a clear taxonomy would enable the NHS to tailor evaluation processes according to the specific risks and benefits of each health tech category. This approach would help streamline approval routes, eliminate unnecessary delays, and reduce costs for innovators. Commissioners would have greater clarity and confidence in their decision-making, while patients would gain quicker access to appropriate new technologies.

A more precise definition of “health tech” is more than a semantic exercise; it is the foundation for a smarter, more proportionate, and ultimately more effective process for evaluating innovation in the NHS. By introducing practical categories, we can accelerate the adoption of new technologies, enhance transparency, and improve data collection and communication across the health system. This will ensure that the most suitable innovations reach those who need them most, without unnecessary barriers. We look forward to working further with all our partners to refine this approach.

By Dame Barbara Hakin, Chair, Health Tech Alliance

References

^[1] 10 Year Health Plan: Building a health service fit for the future

^[2] Unlocking the potential of UK HealthTech report, OLS

The post Understanding the Complexity of Health Tech appeared first on .

Financial services offer up a good example. The sector faces huge pressure to protect sensitive data and prevent fraud. Over the past two decades, cybersecurity and operational resilience have been a priority for banking. Especially as physical branches continue to close at a steady rate, with 377 closures currently pencilled in for 2025, banks are more reliant on online platforms, with a need to protect.

Meeting the advancing cyber threat

Digital enablement has advanced rapidly because of the high financial risks associated with breaches and customer demand. In response to increased exposure to cyber threats, banks have embraced a proactive cybersecurity model and adopted multi-layered security measures. This includes implementing robust identification, advanced threat protection, and continuous staff training. These measures are not just about securing accounts, they are also about instilling consumer confidence.

The NHS, despite being a single entity, functions as a highly distributed system with many independent organisations and departments operating in different ways. This fragmentation makes standardising cybersecurity far more complex. The cyber threat to UK government is increasingly severe and advancing quickly, successful attacks can have a devastating impact on people’s lives, leading to missed appointments and cancelled procedures.

Healthcare data breaches can be just as, if not more, damaging than financial breaches. Unlike in banking, where fraud can often be reversed, a compromised patient record is irreversible. Yet levels of legacy technology in the NHS remain anywhere from 10% to 70%, elevating cyber risk and increasing vulnerability. Given that 60% of UK citizens worry about cyber-attacks disrupting NHS services, there is both a public expectation and a pressing need for stronger defences. So, what lessons can NHS organisations learn and how can they build cyber resilience?

Bridging the skills gap

A major challenge in both healthcare and banking services is the cybersecurity skills gap. However, banks have proactively addressed this by investing in specialist teams and working closely with technology providers. In contrast, a recent report from the National Audit Office revealed that many government departments, including NHS organisations, struggle to attract and retain cyber talent due to limited salaries and restrictive civil service recruitment processes.

While the NHS’ primary mission is to provide healthcare, cybersecurity is now a fundamental pillar of patient safety. Expecting NHS staff, who are not IT specialists, to manage increasingly complex cyber threats is neither practical or sustainable. Instead, outsourcing to cybersecurity experts and forming strategic partnerships with technology partners will be crucial. These technology partners have the resources, expertise, and continuous threat intelligence to stay ahead of emerging cyber risks, ensuring that NHS systems remain protected.

Lessons in identification, monitoring and testing

To strengthen cybersecurity resilience, NHS organisations must take a structured and proactive approach, in the same way that the banking sector has done so. An important first step is understanding what needs protection. This begins with comprehensive asset identification, mapping out critical systems, patient records, medical devices, and IT infrastructure. Once identified, a thorough risk assessment should follow to highlight vulnerabilities, whether that’s ransomware, phishing, or insider threats. Without this foundation, cybersecurity measures risk being reactive rather than strategic.

The banking sector prioritises protection through multi-layered security measures that combine technology, policy, and human vigilance. The NHS must adopt the same mindset. Advanced endpoint security, encryption, and AI-driven threat detection should work together with robust access controls and network segmentation to limit the spread of attacks. Real-time monitoring is another essential layer. Security Information and Event Management (SIEM) tools can be deployed to detect and analyse suspicious activity before it escalates. Automated alerting, anomaly detection, and well-defined incident response protocols ensure that breaches are identified and contained swiftly.

Cyber threats evolve constantly, and regular testing is key to maintaining resilience. Healthcare organisations should conduct penetration testing at least twice a year to uncover system weaknesses, alongside IT health checks to assess overall cybersecurity readiness. Process audits must ensure compliance with industry best practices, including NCSC guidelines, ITIL, and ISO 27001 standards.

A sense of urgency

Ultimately, cybersecurity can’t be an afterthought. As the highly anticipated 10-year plan looks to expedite the NHS from analogue to digital, the pace of transformation won’t slow down. With electronic patient records, remote patient monitoring, and AI-driven diagnostics becoming the norm, the NHS’s cyber exposure is only set to increase. Just as we trust banks to protect our money, we must ensure the NHS is equally equipped to protect our health data.

As the banking sector has embedded cybersecurity into its culture, the NHS must prioritise a security-first mindset at every level, from frontline healthcare staff to IT teams and leadership. By taking a structured, multi-layered, and continuously evolving approach, NHS Trusts can safeguard patient data, maintain public confidence, and ensure the resilience of digital healthcare systems.

By Afshin Attari, Senior Director of Public Sector & Unified Platforms at Exponential-e

The post What NHS Cybersecurity can Learn from the Banking Sector appeared first on .

One of the most striking, and somewhat paradoxical, findings was that, while pharmaceutical companies are highly data-driven compared to other industries, they still face significant struggles in realising value from that data. More than 7 in 10 respondents say that production or maintenance is data-driven, and a remarkable 78% report that asset management is integrated with real-time monitoring systems.

Yet despite this digital maturity on paper, the results tell another story. Two in three respondents say that data silos hinder their organisation’s full potential. Half consider their digital transformation still in its early stages. Another half cite “collaborating and sharing data within the organisation” as one of their most pressing challenges.

If I were to interpret these findings, I’d say that pharmaceutical companies—like many others in sectors such as oil and gas or chemicals—are grappling with a familiar issue: the gap between digitisation and value from digitisation.

In my experience, the more digitally mature an organisation becomes, the harder it is for new initiatives to close that gap.

Companies starting from a lower standard of digital maturity often find it easier to identify use cases with immediate, high-impact results, as there is simply more low-hanging fruit. Replacing pen-and-paper or reducing non-value-added activity time such as administration, are examples of how value can be unlocked rapidly across the operation and management of assets.

But as organisations climb the operational maturity curve, high-value use cases become harder to identify, and it’s easier to fall into the trap of no-value digitisation.

No-value digitisation can take several forms, including these three common ones:

• Tick-the-box thinking: An initiative that delivered early success is rolled out indiscriminately to lesser-value use cases. Teams prioritise rapid deployment over actual value realisation or user feedback.
• Technology-first thinking: A shiny new tool is selected first, and teams scramble afterwards to justify its value, often without an appreciation of what success even looks like
• Organisational myopia: The organisation struggles to identify valuable opportunities. One example is maturity myopia, where teams pursue advanced capabilities or metrics that are either disconnected from business value or that simply do not have the foundational building blocks (Stakeholder engagement, optimised processes, access to valuable data) in place that would allow them to realise tangible value.

So how do businesses avoid these pitfalls and escape the spiral of no-value digitisation?

1. Start with Value

Adopt practices that help to identify value from the outset. Within Hexagon we recommend and support our clients with a value-driven approach organised into three essential pillars:

• Value Discovery: work together to Identify a transparent, defensible business case that aligns with organisational objectives.
• Value Delivery: Match the business case with the adoption of the right technology solution.
• Value Realisation: Measure and track the actual value created by the technology adopted and measure those results against the expectations created during the value discovery phase.

This approach helps to rapidly identify goals, expected benefits, and the gaps that need to be closed to achieve them.

2. Build Feedback Loops

Top-down, all-or-nothing digital transformation efforts are among the most likely to fail. Executive sponsorship and strategic direction are crucial but they shouldn’t result in digitisation by decree or backseat driving from the top.

In industrial settings especially, input and feedback from the field are critical for successful adoption. A phased approach not only promotes real-world alignment but also enables you to measure value and adjust along the way.

3.  Evolve digitisation and mature at a pace that suits your organisation

Finally, invest in tools that are interoperable and built to evolve with your organisation. This is a core principle at Hexagon as we preach a ‘crawl, walk, run approach’ to meeting digitisation goals. Our products and solutions are designed with flexibility and scalability in mind, recognising that clients operate in complex environments with multiple vendors, systems and differing levels of maturity.

Value often emerges in unexpected ways. If you’re locked into a standalone solution, one that requires manual data uploads, doesn’t integrate with other systems, and only works within a closed ecosystem, you might have today’s fix, but you’re also creating tomorrow’s problems.

Article by Edgardo Moreno, CISSP, GICSP, an Executive Industry Consultant at Hexagon’s Asset Lifecycle Intelligence division.

The post How to Avoid the Trap of Digitisation Without Value appeared first on .

An ambitious technology project to support the transformation of pathology services across Northern Ireland has been completed, with the go-live of the Clinisys WinPath laboratory information management system at the final two health and social care trusts.

Western and Southern trusts went live with the LIMS in their microbiology, blood sciences, and blood transfusion services at the end of April.

They had already gone live in cellular pathology at an earlier stage of the CoreLIMS programme to deploy the LIMS to all five territorial trusts and the Northern Ireland Blood Transfusion Service.

Previously, both organisations were using a system developed by the Business Services Organisation (BSO) that was 30 years old and at the end of life.

Jennifer Welsh, SRO of the Northern Ireland Pathology Information Management System (NIPIMS), said: “The completion of the CoreLIMS roll-out marks a major milestone in the transformation of pathology services across Northern Ireland. For the first time, every health and social care trust is working from the same modern laboratory system, creating a truly connected service that puts patients first. This achievement is the result of exceptional teamwork across trusts, especially our laboratories as well as our partners, and I want to sincerely thank everyone who played a part.

“With this foundation in place, we can now look forward to delivering even greater benefits – from reducing repeat testing to supporting clinicians with faster, more complete information, and eventually enabling innovations like vein-to-vein tracking. It’s a proud moment for all involved.”

Northern Ireland’s pathology transformation programme was set up to create an integrated, regional laboratory service to streamline management, modernise working conditions, and improve access for patients.

CoreLIMS was developed by the Business Services Organisation to support the programme, by replacing a mix of in-house and legacy systems with a LIMS designed for modern pathology networks.

Clinisys won the contract in October 2021 and the first phase of the project was completed two years later, when Belfast and South Eastern health and social care trusts went live within days of each other in November 2023.

The second phase was delivered last June, when the Northern Ireland Blood Transfusion Service (NIBTS) and cellular pathology services went live. The third phase followed in late October, with a go-live at Northern Health and Social Care Trust.

Karin Jackson, SRO of CoreLIMS and Chief Executive of NIBTS, said: “The completion of the CoreLIMS roll-out opens the door to future enhancements in how we manage and deliver vital blood components across Northern Ireland. We can already see real benefits from this investment with streamlined workflows across all services, including transfusion. It has been an impressive achievement, particularly given the complexity of the systems and processes involved. I would like to thank everyone involved for their professionalism, commitment and resilience that has delivered a smooth and successful implementation of CoreLIMS across Northern Ireland.”

The implementations had to be integrated with the encompass system, which is creating a single, digital health record for every citizen.

Karen Bailey, Chief Executive of the Business Services Organisation (BSO) which provided programme management, digital, procurement, legal and technical support for the programme is proud to mark this major accomplishment in laboratory digital transformation saying: “For the first time all our trusts are working from a single, modern laboratory information system, a testament to the extraordinary efforts of the teams across every region. I want to thank all involved for their hard work, resilience, and collaboration to make this transformation possible.

Robin Bell, senior project manager at Clinisys, said the final go-lives had gone smoothly, and said this was down to the hard work that had been done early in the CoreLIMS programme to standardise tests and harmonise workflows.

He also paid tribute to BSO and to laboratory staff across Northern Ireland for their work to test the new system and to provide the assurance required for successive go-lives. “This is a true pathology network,” he said. “They make decisions as a region. We have not deployed five solutions to the health and social care trust, where each one is just a little bit different to another. We have rolled out a single system that everybody uses in the same way.

“Lessons have been learned, and we have adapted our deployment model in response. Staff from labs that have gone live have been on hand to advise and support their colleagues. It has been a true collaborative effort by everybody involved. Now, we look forward to supporting the system and helping laboratories across the region to get the very best out of it for their clinicians and patients.”

The post Northern Ireland Completes Nationwide Roll-out of Clinisys WinPath appeared first on .

It’s not just an inconvenience, it’s a growing crisis. A recent UK Public Sector Efficiency Survey revealed that NHS employees lose an average of five hours per week to clunky, inefficient systems. That adds up to a staggering 7.5 million hours of wasted work every single week. These valuable hours could be reinvested in treating patients, improving safety, and providing a better service. By addressing these systemic inefficiencies, we can improve healthcare services and enhance patient outcomes.

The UK government announced the much needed £3.25bn Transformation Fund to boost public service efficiency in its latest Spring statement. It’s poised to drive productivity in public services, including the NHS, at a time when efficiency is under immense scrutiny. Backing a range of initiatives, the fund will include the introduction of AI tools to revolutionise front line service delivery.

But if we are serious about modernising the NHS, we need to do more than throw money at the problem – we need targeted, measured reform. AI and automation are rightly gaining momentum in the sector. However, AI is not a magic solution on its own. Its effectiveness depends on the quality of the data it receives, how well and quickly we act on insights. If we aren’t prepared to act on its findings quickly, we create bottlenecks instead of breakthroughs. Without the right groundwork, AI risks producing noise instead of value. AI must be embedded into well-designed processes to ensure it delivers real economic benefits.

I am often asked what are the biggest technology challenges in healthcare today, and what are the opportunities and barriers for the sector to use AI effectively. My response typically focuses on the following areas.

Manual services and outdated processes

Despite ongoing digital transformation efforts, most departments still rely on manual processes. The DSIT report reveals that 45% of NHS services lack a fully digital pathway, with very few eliminating manual processing entirely.

The impact of outdated processes is felt directly by patients and healthcare workers alike. When services remain paper-based or rely on fragmented systems, productivity suffers, and resources are stretched thin. The functioning of these fragmented systems relies on ‘human glue’ – workers manually bridging siloes of data and process, which prevents recognition of the core deficiencies.

Streamlining these processes through digital transformation is not just a matter of convenience. It’s essential for improving efficiency, reducing administrative burdens, and ultimately enhancing service delivery for the public.

Process modernisation and automation is the most powerful lever available to drive service reform for such tasks. A process orchestration solution can automate time-consuming tasks such as data entry, appointment scheduling, progress tracking, compliance, and reporting. Automating these actions would enable a shift towards time spent on value-driven activities that can improve both internal efficiency and service delivery.

Fragmented and underused data

When data is scattered across multiple outdated legacy systems, information access and related processes slow down for everyone. This impacts productivity and the ability to resolve case work at speed. This lack of data integration also limits the potential of AI, machine learning, and advanced analytics. These data-driven technologies can only work with seamless access to high-quality data, to drive innovation and improve decision-making.

For the NHS to be truly AI-ready, the data must be in order. Solving this starts with adopting a platform that connects data and processes woven into a single framework. A data fabric, for example, creates a virtualised layer that links data across systems without needing to migrate it.

With advanced data management, organisations can train, refine, and deploy AI models more effectively, transforming vast amounts of information into valuable insights. High-quality data is the fuel AI needs to enhance decision-making and drive efficiency. Without it, the potential of a modern digital NHS will remain out of reach.

The future of AI-driven processes in the NHS

Optimism about AI is growing within the healthcare sector. 64% of NHS workers have some or high confidence in the potential for AI to improve their organisation’s efficiency.

The key to unlocking AI’s full potential is embedding it within existing processes. Process is where actions happen. It’s where healthcare professionals make decisions, allocate budget and resources, serve patients, and move things forward. When AI operates within processes, it gains purpose, governance, and accountability – all vital to delivering value from AI.

While organisations are under pressure to integrate AI, its success depends on strong data infrastructures and human oversight. AI should be a partner, not a replacement, ensuring efficiency and innovation without compromising security or accountability.

To sustain long-term growth, healthcare organisations must invest in agile platforms that adapt to rapid AI advancements with process orchestration technologies. A platform approach can streamline operations, enhance decision-making, and improve service outcomes. Embracing these tools isn’t just about modernisation, it’s essential for efficiency, stability, and better healthcare service delivery.

Now is the time for the NHS to seize the opportunity. Every part of our health service runs on processes – from patient referrals to hospital workflows. When we improve these processes with automation technologies like AI and process orchestration, we create better working environments for our healthcare workers, improving service delivery, and efficiency, for our NHS, for the betterment of patients.

By Peter Corpe, Industry Leader, UK Public Sector, Appian

The post The NHS Efficiency Dilemma: Is AI Really the Solution? appeared first on .

Yet, healthcare providers continue to operate under tight budget constraints and limited personnel, without adequate resources to tackle the exploding cybercrime threat landscape. And as innovations develop at pace in the industry, from wearable health devices to telemedicine, IT managers are dealing with an ever-increasing number of endpoints.

From large healthcare systems to primary care practices, IT teams are often small, with one technician managing thousands of endpoints. Keeping track of so many endpoints across the network can pose challenges when it comes to patching, creating compliance and security problems. Adding to this, healthcare remains a highly distributed sector, with employees and IT assets often scattered across different estates, offices, and buildings.

Once attackers gain access to personal medical information, they can manipulate the data, cause operational disruption, and ultimately undermine public trust within an organisation. Thankfully, there are tools available for healthcare networks to reduce their attack surface and improve their ability to prevent, detect, and respond to cybercrime attacks.

Employees: the first line of defence 

The UK Cybersecurity breaches survey, published in April this year, recently revealed phishing as the most prevalent type of cybercrime in the UK. And, as AI and LLMs become widely adopted across organisations and more accessible, these attacks have become increasingly difficult to spot. With 88% of data breaches caused by human error, healthcare institutions must view their employees as the first line of defence against threat actors.

Comprehensive security awareness training and education is fundamental for healthcare professionals to identify phishing attacks in the first instance. Everyone – from clinicians to administrative staff to IT admins – must develop the skills to spot, avoid, and report common tactics used by threat actors. In training sessions, it can be useful to conduct phishing email simulations, so employees can gain real-life experience of what a suspicious email might look or sound like.

Training is a fundamental step towards building a culture of security and reducing healthcare cybercrime. Alongside increased employee education around phishing, IT teams can consider limiting user access to the absolute minimum. This reduces the negative impact of a bad actor, should they assume the identity of a legitimate user.

Back to Basics

Patching is a vital security tool for IT managers looking to safeguard sensitive patient information. Out-of-date operating systems and applications can leave doors open for intrusion or exploits. According to the Ponemon Institute, most data breaches (57%) can be directly attributed to attackers exploiting a known vulnerability that hadn’t been patched. To simplify system updates, healthcare institutions can consider patch management tools to automate numerous updates across all their machines. Processes such as patch auditing also make it easier to identify any failed or pending patches and continue monitoring for any incompatibility or performance issues to keep systems secure.

In the event of a successful attack, security and IT teams should also consider a robust backup system to prevent loss of cloud and endpoint data. This will ensure continued access to critical information, in the face of system compromise and ransomware attempts. By backing up their data and monitoring endpoint activity, healthcare institutions can better protect themselves and keep disruption to patient care to a minimum.

A solution like automated endpoint management gives IT teams all of this in one central source of truth, providing visibility over the full network in a single pane of glass, displaying maintenance and updates, security and backups, and most critically, a view of all endpoints which could pose a possible risk. This also allows IT teams to automate processes such as patching and endpoint hardening without having to manually access machines, in turn, simplifying operations and alleviating the pressures of limited access to skills, resources, and budget.

The road ahead for cybercrime in healthcare

Whilst necessary to improve the speed and availability of diagnosis and treatment, the increasing number of endpoints in healthcare can also open more attack vectors for those looking to compromise or abuse the systems assisting in care provision. The stakes remain incredibly high. Cyber incidents not only result in huge fines for the responsible parties but can also erode public trust in the sector and put people’s data, and even lives, at risk.

For healthcare IT teams, ensuring endpoint security, reducing instances of cybercrime, and creating frictionless patient-provider relationships are non-negotiable. But effectively managing shared endpoints spread across buildings and sites, while supporting providers and staff at scale with limited resources, is no mean feat.

IT managers can lean on solutions like automated endpoint management to free themselves from manual monitoring and threat response across thousands of endpoints. These systems make it possible to detect anomalies, implement fixes, and maintain security protocols automatically. They enable IT managers to focus on what matters most: empowering healthcare providers to provide exceptional care for their patients.

By Andre Schindler, GM EMEA and SVP Global Sales at NinjaOne

The post Why Healthcare Remains a Prime Target for Cybercrime and what IT Leaders can do about it appeared first on .

New ESMP platform accelerates move to single view of product information

Improving patient access to life-enhancing treatments is a central mission of companies ranging from the world’s largest biopharmas to early-stage biotechs. Each pursues its own path to get there. For some, the focus is responsibly-priced medicines. Others are amplifying patient voices during the medicine life cycle or using ESG bonds to reach underserved communities.

Patient access to life-enhancing treatments is a struggle without being able to ensure the timely delivery of medicines. Between 2000 and 2018, Europe experienced a 20-fold increase in drug shortages. On average, each pharmacy in the European Union spends more than six hours a week dealing with scarce supplies of medicines; in some countries, they spend as much as 20 hours per week.

The European Medicines Agency (EMA) has responded to the lack of a standardized EU-wide registry by launching the European Shortages Monitoring Platform (ESMP). In reality, the failure to meet patient demand for specific drugs is not limited to Europe. Healthcare systems worldwide are straining under rising costs. In the U.K., intermittent supplies are causing a medicine shortage crisis that risks harming patient outcomes as physicians ration medicines in short supply or switch to less effective alternatives.

Biopharmas have limited influence over many of the contributing factors obstructing patient access like transportation issues, physician availability, or healthcare funding. Although these may be out of companies’ scope of impact, what they can improve is how quickly they communicate and make decisions when managing supplies. Robust product definitions used consistently across functions, greater control of their data and documents, and an organization-wide understanding of regulatory approval status in each market would all help. Companies that centralize their product information will not only ensure regulators receive timely indicators of imminent shortages but also improve their own capacity for internal and external collaboration.

Earlier warning signs on critical shortages

Drug shortages have many complex and interdependent causes, ranging from biopharma sector consolidation and a limited number of suppliers to government pricing strategies and patent laws for innovative medicines. Such complexity makes it difficult for regulatory authorities to anticipate shortages, with few warning signs when stocks of critical medicines run low.

Having launched the ESMP in January 2025, EMA should soon be able to monitor drug supply, demand, and availability continuously. Marketing authorization holders (MAHs) are playing their part by providing product supply forecasts, availability, manufacturing details, and production plans to both national competent authorities (NCAs) and the ESMP[1].

To ensure that the product data currently held by EMA is accurate, biopharma sponsors will have to correct and enrich their authorized product datasets, either through direct data entry into the Product Management System UI (PMS) or by completing data loading templates with relevant information. As product data still sits across different functions (including clinical, regulatory, and pharmacovigilance), sponsors are getting ready to share information with ESMP by locating relevant data sources within their organizations — and, sometimes uncovering too late that their product information is inconsistent.

Sponsors need full transparency and control of their data to provide accurate sales and supply forecasts for critical medicines to ESMP. Data used to be copied and pasted as text when shared between departments; it should now be captured once at the source and then stored securely in the right format and place. In many instances, this means taking data out of documents and converting it into structured formats. As sponsors increasingly rely on outsourcing partners such as contract research organizations (CROs) and contract development and manufacturing organizations (CDMOs), they need to connect seamlessly when exchanging information externally.

Single source of product information for regulators

In the past, major stockouts in key markets were more common than they should have been, partly because some biopharmas did not know which regulatory information management (RIM) systems held the correct dates for approval and supply. Some companies tried to compensate for the limited connectivity between regulatory, packaging, and logistics by preparing product supplies before receiving the regulatory go-ahead, which could mean an extra step of reworking labels and product packaging if only partial approvals were eventually obtained.

Recent regulatory developments are making a single source of product information a priority for sponsors. Modern RIM platforms can centralize registration data: including marketing status (and dates), product information, active substances, pack sizes, packaging details, and packaging medicinal product identifiers (PCID). Once companies license a product in a market (done by pack), its registration data will be recorded in RIM and become easier to share with ESMP. This can mitigate potential shortages. For instance, if a manufacturer has issues with a product, the regulator can see alternatives containing the same active pharmaceutical ingredient (API).

Post-approval manufacturing changes also lead to drug scarcity. Typically, a large biopharma may manage as many as 200 post-approval changes per product a year — or thousands across its global portfolio. Processing and preparing each change submission can take six months to two years for a company to complete because key systems (QMS, RIM, LIMS, ERP) and data are disconnected. Bringing together the systems underpinning quality and RIM would make it easier to identify which countries and internal documents are affected across multiple markets during a post-approval manufacturing change.

During a drug shortage event, manufacturing sites would not lose time trying to find which specification is registered in each market for each product. Because regulatory and quality teams would see the same product data and documents, quality change controls automatically trigger when a regulatory event occurs affecting multiple markets. Market authorizations in each country would be tracked in real time, ensuring quality teams learn of Health Authority (HA) approvals as soon as they are received.

When different functions and authorities can efficiently exchange the latest data, they can make confident decisions for faster delivery of medicines to patients. As Juhi Saxena, associate director of regulatory and clinical platforms at Moderna Therapeutics, explains: “After connecting quality and regulatory, the data and information required for change control doesn’t have to be requested or sit in someone’s inbox for two days. This has significantly reduced the time required to perform regional impact assessments and send that information on to supply chain and quality departments.”

Centralizing access to data and documents would also improve external collaboration between sponsors, CROs, and CDMOs. Given accountability lies with sponsors, some are consolidating their system landscape and prioritizing partners that can provide immediate access to live data. Contract partners are also doing their part by eliminating manual activities and non-secure external communication (such as email and shared drives) for greater traceability. For example, CDMO Forge Biologics moved toward a connected quality management platform for better compliance and faster turnaround on reviews and approvals with its clients.

Finally, sponsors with a good handle on data quality, ownership, and governance will drive business benefits beyond ESMP. At one global enterprise that initiated regulatory change through its master data management initiative almost a decade ago, the result is that the organization “now speaks one language.” Data integration means quality, regulatory, and safety will all work from the same set of product definitions across the value chain. Having standardized product definitions sets the stage for accelerated batch release decisions by making them traceable to quality and regulatory data.

One shared record, systemic benefits

EMA’s enhanced monitoring of drug availability through the ESMP has rightly shifted the focus to accurate and consistent product data. Getting this data in order sets the foundation for the strategic use of predictive analytics. Sponsors, their partners, and regulators will be capable of predicting shortages and mitigating their impact proactively.

For this to work, greater automation when interacting with regulatory bodies will be essential, both for ESMP and CTIS (the platform underlying EU CTR). That’s because automation supports data integrity by minimizing the chance of human error during data entry or other manual activities.

Seemingly intractable problems can be overcome by breaking them down into their constituent parts. By focusing on what they can control, biopharma companies and regulatory authorities will do their part in helping the industry meet its patient access goals and ensure timely delivery of medicines to those waiting for them.

By Stephan Ohnmacht, Vice President, R&D Business Consulting, Veeva

References

[1] ISPE, ‘European Shortages Monitoring Platform (ESMP): Essentials and Industry Reporting Requirements Webinar’, June 2024

The post From Data Silos to Streamlined Connectivity: How Biopharma Can Prepare for ESMP appeared first on .

Barts Health NHS Trust, which serves one of the largest and most diverse patient populations in the country, has become the first healthcare provider in the NHS to implement the medical research tool Anonymise and Export from medical imaging IT company Sectra. As part of wider activity, it means that researchers will be empowered to shed new light on diseases, tailor treatments, and potentially inform the next generation of healthcare AI.

Anonymise and Export has been implemented within the trust’s existing Sectra enterprise imaging solution, a system widely used by NHS diagnosticians to analyse patient scans. The cutting-edge addition will allow for the seamless export of medical images to a secure data environment, with patient identifiers automatically removed. This removes a previously manually intensive process, releasing time for busy NHS teams, whilst addressing crucial privacy safeguards, and dramatically expanding research possibilities.

The de-identified imaging data will be integrated into the new Barts Health Data Platform (BHDP), which was formally launched in April 2025. The platform brings together different types of health information — such as scans, health records, and lab results — into one secure system that researchers can apply to use.

Steven Newhouse, deputy chief information officer for Barts Health NHS Trust, said: “We are now able to provide researchers and clinicians with access to health and imaging data at a scale we’ve not offered before. With robust safeguards in place, this development supports more efficient, secure research and marks meaningful progress in advancing medical innovation and understanding of disease.”

Deployed with the support of Sectra and the NIHR Barts Biomedical Research Centre, Sectra Anonymise and Export opens new avenues for medical research, paving the way for more comprehensive and insightful studies.

Professor Sir Mark Caulfield, Dean of the Faculty of Medicine at Queen Mary University of London, said: “The NIHR Barts Biomedical Research Centre is delighted to have enabled this ground-breaking advancement in access to medical imaging for research. This system represents a pivotal moment in our field — a true game-changer that unlocks the potential of big data while steadfastly protecting patient privacy. This is an exhilarating time of transformation, and I am proud to be part of this innovative journey.”

Sarah Jensen, chief information officer for Barts Health NHS Trust, added: “The diversity and sheer volume of data being integrated means a significant leap forward in our healthcare data research capabilities. NHS professionals are under pressure as they work to deliver the best possible care for patients. Academics and researchers in continual pursuit of medical advancements, can play a key role delivering innovations urgently needed.

“Now, we can securely and safely provide the data they need on a scale not previously possible, whilst safeguarding confidentiality, and without our busy NHS teams being asked to spend time manually removing identifiable information. The possibilities are immense.”

The technological deployment sets the stage for sophisticated AI-powered analysis of medical images. By leveraging advanced pattern recognition algorithms, that are available within the Azure Cloud that hosts the BHDP, researchers will be able to uncover hidden insights and draw more nuanced conclusions from the extensive dataset.

Jane Rendall, UK and Ireland managing director for Sectra, said: “Healthcare professionals at Barts Health have been at the forefront of innovation with imaging technology for many years – using our platform to diagnose and inform care for a great many patients across East London. This latest initiative takes that innovation to another level, securely and safely harnessing imaging data in ways that could radically change how care is delivered. I look forward to seeing the impact emerge for healthcare and patients alike.”

The post Barts Health takes ‘Giant Step’ for Medical Research with Sectra appeared first on .

However, competition is becoming fierce and with today’s saturated market, it is becoming more challenging for companies to raise funds to stay in the game. Slowing investments, coupled with fragmented UK and European markets, mean that scaling fast is a must to be successful in this industry. How can companies readjust their growth strategy to succeed in the long run?

SAY Communications, a leading healthcare and technology PR & marketing agency, has launched a new report titled ‘Race to scale: Marketing and PR strategies to accelerate growth of remote patient monitoring companies’ which offers insights on how to navigate the increasingly competitive landscape and thrive in the digital health sector.

Stefi Rucci, MD at SAY Communications said: “Remote patient monitoring companies are no longer in a sprint, they’re in a marathon with hurdles. We’ve created this report to help companies build momentum, overcome market challenges and scale with confidence through strategic communications.”

Comms strategies have become essential for remote patient monitoring providers

With investment in the sector falling from a 2021 high of $57.2 billion to just $10 billion in 2024, the report argues that marketing and PR are no longer optional—they are essential growth levers.

The digital health boom may have peaked, but the race is far from over. SAY’s guide provides actionable insights and strategies to help companies succeed in the digital health sector. It includes:

• Trends that are shaping the market
• Growth strategies used by industry leaders
• Case studies of successful marketing campaigns

The report analyses the high impact moves that are helping leading RPM companies scale faster such as mergers and acquisitions, international expansion, and strategic partnerships, and the role of PR and marketing in each of these successful strategies. It includes real-world examples from companies like Huma, Current Health, and Definition Health, showcasing how targeted communications strategies have driven visibility, credibility, and commercial success.

The report also explores the critical role of brand storytelling, thought leadership, and data-driven messaging in building trust with investors, healthcare providers, and patients.

For companies looking at mergers and acquisitions to accelerate their growth, SAY recommends building a compelling brand story as a priority. The agency considers the ingredients of a successful PR programme, including thought leadership, internal communications, and a crisis playbook.

For companies expanding into new geographical, technological or therapeutic territories, refreshing their brand and sharpening messages tailored to each audience will be key, SAY says. Gathering insights from experts in these new territories, supported by the outsider perspective of an external comms agency, will help when building these messages.

For companies looking to forge new partnerships to help them expand their Remote Patient Monitoring business, agencies like SAY can support with crafting partnership comms’ messaging and outreach materials. The report looks at R&D company Camcon Medical who needed to kick start conversations with decision makers at chemical and medical device companies in order to identify potential partners to commercialise its innovative valve technology, which has the potential to revolutionise oxygen delivery in medical devices. SAY worked with the company’s business development team to clearly define the buying personas and the key issues that would prompt them to partner with an external company to upgrade their devices. The agency developed content marketing materials to address these topics and designed a global yet targeted Account Based Marketing (ABM) campaign, by identifying 50 companies to be approached. SAY leveraged LinkedIn ABM tools for laser-focused targeting that delivered high quality of leads.

Federico Marchisio, Associate Director, Digital at SAY Communications said: “In today’s digital health landscape, growth isn’t just about having the best and latest technology – it’s about engaging the right audience at the right time. This report is designed to help RPM companies do exactly that, with bold strategies and clever communications.”

The ‘Race to Scale’ report by SAY Communications is available to download here.

The post New Report Offers Effective Comms Strategies for Accelerating Remote Patient Monitoring Company Growth appeared first on .