Samwise Healthcare IT Newsletter
Tuesday, April 28, 2026
ShinyHunters Claims 9 Million Records Stolen in Medtronic Cyberattack
Medical device giant Medtronic disclosed in a U.S. Securities and Exchange Commission filing Friday that cybercriminals broke into its corporate IT systems, marking at least the fourth large medtech company breached in recent weeks. Minneapolis-based Medtronic said the incident has not affected its products, manufacturing, distribution, or patient safety. Cybercrime gang ShinyHunters claimed on its dark-web site on April 18 to have stolen nine million Medtronic records containing personally identifiable information and internal corporate data, threatening to publish the material unless a ransom was paid by April 21. Medtronic operates in 150 countries, serves 79 million patients annually, and reported $33.5 billion in fiscal 2025 revenue.
Sources: GovInfoSecurity
Utah Medical Board Demands Suspension of AI Prescription Renewal Pilot Over Safety Risks
Utah's Medical Licensing Board sent a formal letter to the state's Department of Commerce this week requesting suspension of a pilot that uses artificial intelligence to autonomously renew prescriptions for patients with chronic conditions. The pilot, operated with vendor Doctronic, was launched without the board's review. Board members said the program bypasses critical physician oversight, noting that “each refill requires reassessment and clinical decision-making to safely adjust doses, monitor for side effects, contraindications or new drug interactions.” The Department of Commerce defended the pilot, stating all prescriptions are still reviewed by licensed physicians alongside the AI system, and declined to end the program.
Sources: Healthcare IT News
Major Insurers Commit to Standardizing Electronic Prior Authorization Data Requirements
Major U.S. health insurers led by AHIP and the Blue Cross Blue Shield Association announced Friday they will align electronic data submission requirements for medical services commonly subject to prior authorization, including orthopedic surgeries, CT scans and MRIs, starting January 1. The voluntary commitment covers more than 250 million patients across commercial, Medicare and Medicaid plans. UnitedHealthcare said more than 50% of its prior authorization volume can be immediately standardized, targeting over 70% by year end. Cigna set the same 70% target; Aetna reported 88% already standardized. Insurers have collectively cut preapprovals by 11% since pledging reform under pressure from the Trump administration last summer.
Sources: Healthcare Dive
AMA Urges Congress to Mandate Safety Guardrails for AI Mental Health Chatbots
The American Medical Association sent letters to the Senate AI Caucus, the House AI Caucus and the House Digital Health Caucus urging Congress to establish mandatory safety requirements for AI mental health chatbots. The AMA cited risks including encouragement of self-harm, privacy breaches and emotional dependency on AI systems. The letters call for transparency requirements so users know they are interacting with AI rather than a licensed clinician, mandatory crisis-detection features, restrictions on advertising within chatbots, and stricter data protection standards with mandatory adverse event reporting. Stanford and Brown University research cited found commercially available therapy bots provide inappropriate responses and violate multiple clinical codes of conduct.
Sources: MobiHealthNews
AI Is Elevating Interoperability From Compliance Checkbox to Core Operating Infrastructure
Healthcare interoperability has improved — API-based patient access is now mainstream and TEFCA has moved from policy concept to live exchange infrastructure — but artificial intelligence is exposing a new divide, according to Zack Tisch of Pivot Point Consulting. Tisch told Healthcare IT News that while data can move in many settings, hospitals still rely on proprietary APIs, custom interfaces and manual workarounds for complex workflows including prior authorization, referral management and remote patient monitoring. As predictive AI enters mainstream hospital operations, data must be timely, trustworthy and computable rather than merely exchangeable. Organizations treating interoperability as enterprise data strategy, not just interface work, will lead the next phase.
Sources: Healthcare IT News
Physician Burnout Falls for Third Straight Year, but Emergency Medicine and Specialty Gaps Persist
Physician burnout declined nationally for the third consecutive year in 2025, with 42% of physicians reporting at least one symptom — down from 43% in 2024 and 48% in 2023, per an AMA Organizational Biopsy survey of nearly 19,000 physicians across 38 states and 106 health systems. Four of five key experience indicators improved year over year. Despite the progress, hospital-based specialties including emergency medicine, radiology and anesthesiology consistently lag the overall benchmark, reflecting ongoing workflow and staffing pressures. Emergency medicine, urological surgery and hematology/oncology reported the highest burnout rates, approaching or exceeding 49%. AMA President Dr. Bobby Mukkamala called for specialty-level strategies to address underlying drivers.
Sources: Healthcare IT News
Updated GS1 RFID Standards Boost Pharmaceutical Supply Chain Traceability Under DSCSA
Updated RFID standards from GS1 US are making it easier for healthcare organizations to comply with the Drug Supply Chain Security Act, which requires electronic tracing of prescription drugs throughout the pharmaceutical supply chain. The TDS 2.0 release stores all critical pharmaceutical data — including National Drug Code, lot number, expiration date and serial number — directly in each tag's non-proprietary electronic product code memory, eliminating costly database subscriptions. TDS 2.3 adds a web domain link enabling supply-chain partners to retrieve storage conditions directly from manufacturers. Jonathan Gregory, Director of Global Standards at GS1 US, said the updates enable real-time detection and removal of expired drugs before they reach patients.
Sources: Healthcare IT News
Physician-Led AI Coding Tools Bring Opportunity and New Cybersecurity Risks to Health IT
Physicians are increasingly using agentic AI tools to build custom clinical workflow applications — a shift that empowers care teams but introduces new security risks, Healthcare IT News reported. Doctors demonstrated building clinical tools with minimal coding knowledge at an Anthropic webinar last week. Security experts warn that AI-generated code can introduce vulnerabilities that novice developers may miss. Meanwhile, the Cloud Security Alliance released a whitepaper on April 12 urging healthcare organizations to begin a 90-day preparedness plan in response to Anthropic's Mythos model, which the CSA said has dramatically accelerated AI-driven vulnerability discovery and exploit development — shrinking the window between disclosure and exploitation for healthcare IT teams.
Sources: Healthcare IT News
Curated by JD · samwise.agency