Deepgram today announced the launch of Nova‑3 Medical, its next‑generation AI-powered speech‑to‑text (STT) model specifically engineered for the healthcare industry. Designed to meet the rigorous demands of clinical environments, Nova‑3 Medical enables developers to build highly accurate, customizable, and secure voice AI products and solutions tailored for healthcare settings. It seamlessly integrates with Deepgram’s enterprise runtime platform—including advanced text-to-speech (TTS) and speech-to-speech (STS) capabilities—providing a comprehensive suite of AI-driven tools that deliver enterprise-grade performance, adaptability, and cost efficiency. From streamlining clinical documentation to revolutionizing therapeutic scribing, Deepgram powers transformative medical transcription applications for industry leaders, driving exceptional outcomes across the healthcare spectrum.
Meeting the Growing Demand for AI-Powered Healthcare Transcription
As healthcare rapidly digitizes—with the widespread adoption of electronic health records, telemedicine, and digital health platforms—the demand for AI-powered transcription has never been greater. Traditional off-the-shelf speech-to-text models often struggle with the complexities of clinical terminology, leading to transcription errors and “hallucinations” that can compromise patient care. With the medical transcription market projected to grow from USD 85.3 billion in 2023 to USD 190.2 billion by 2032, developers building voice-AI applications for healthcare need infrastructure that not only delivers exceptional accuracy and speed but also provides the flexibility to meet diverse regulatory and operational requirements.
Built to meet these demands, Nova-3 Medical leverages advanced machine learning and specialized medical vocabulary training to set a new standard in healthcare transcription. Engineered for real-world clinical environments, the model accurately captures specialized medical terms, acronyms, and clinical jargon—even in challenging far-field audio conditions where providers step away from recording devices such as desktops and tablets. Moreover, it delivers structured transcriptions that seamlessly integrate with clinical workflows and EHR systems, ensuring vital patient data is accurately organized and readily accessible. Its flexible, self‑service customization—featuring Keyterm Prompting for up to 100 key terms—allows developers to tailor the solution to the unique needs of various medical specialties while versatile deployment options, including on‑premises and VPC configurations, ensure enterprise‑grade security and HIPAA compliance.
Benchmarking Nova-3 Medical: Accuracy, Speed, and Efficiency
Nova-3 Medical delivers industry-leading transcription accuracy, optimizing both overall word recognition and critical medical term accuracy for voice-driven healthcare applications.
WER Comparison (see figure 1)
With a median Word Error Rate (WER) of 3.45%, Nova-3 Medical outperforms competing models, achieving a 63.6% reduction in errors compared to the next best competitor. This improvement enhances documentation precision, minimizes manual corrections, and streamlines workflows for healthcare providers.
KER Comparison (see figure 2)
However, medical transcription accuracy isn’t limited to WER—correctly capturing critical medical terms is essential for minimizing patient care risks. Nova-3 Medical achieves a Keyword Error Rate (KER) of 6.79%, marking a 40.35% reduction in errors compared to the next best competitor. This ensures that fewer critical drug names, conditions, and procedures are misrecognized, reducing the chances of transcription errors that could lead to miscommunication, improper documentation, or even patient safety risks.
In addition to transcription accuracy, Nova-3 Medical’s performance excels in real-time applications, where speed and scalability are crucial. Optimized for real-time use, Nova‑3 Medical transcribes speech 5 to 40 times faster than most alternative speech recognition vendors, making it ideal for telemedicine and digital health platforms. Its scalable architecture ensures that as transcription volumes grow, healthcare tech companies can maintain high performance without incurring excessive costs. Starting at $0.0077 per minute of streaming audio, Nova‑3 Medical is more than 2x more affordable than leading cloud providers, reducing operational expenses and enabling companies to reinvest in innovation, accelerate product development, and offer competitive pricing to drive market adoption.
Visit Deepgram at Booth #136 in the AI Pavilion at HIMSS25, March 3-6, 2025, to see Nova-3 Medical in action; and don’t miss these sessions:
Session: From AI Scribes to EHR Automation: How Deepgram Enables Healthtech with Voice AI and Amazon Bedrock
When: Tuesday, March 4, 3:40 PM to 4:00 PM
Where: AI Pavilion, Venetian, Level 2, Hall A
Session: Voice AI Mixer with Deepgram & OneReach.ai
When: Wednesday, March 5, 6:00 PM to 7:30 PM
Where: Venetian, Palazzo Ballroom, Palazzo A
For more information about Nova‑3 Medical and how it is revolutionizing healthcare transcription, please visit www.deepgram.com.
JavaGhost Uses Amazon IAM Permissions to Phish Organizations
Posted in Commentary with tags Palo Alto Networks on March 3, 2025 by itnerdResearchers have observed the JavaGhost threat actor group using phishing to targeting AWS environments. This group takes advantage of misconfigurations in the victim organizations’ environments that expose AWS credentials in the form of long-term access keys. More info from Palo Alto’s Unit 42 is available here: https://unit42.paloaltonetworks.com/javaghost-cloud-phishing/
Jim Routh, Chief Trust Officer at cybersecurity company Saviynt had this to say:
“Cyber threat actors with sophisticated technical skills and solid business sense now know that maintaining persistence within enterprises using back doors with command and control capabilities is getting more difficult to sustain, due to improvements in endpoint monitoring and network-level behavioral analysis that comes with cybersecurity product maturity. As a byproduct, threat actors are doing what they do best: adjusting their tactics.
Threat actors know that compromising credentials is most effective to both penetrate enterprise cyber defenses and to operate within an enterprise to escalate privilege and obtain access to digital assets to monetize in various ways. Obtaining cloud-based credentials used in identity access management (IAM) services for IaaS providers offers sophisticated threat actors an opportunity to gain access to digital assets, while minimizing the probability of detection.
This news represents an acknowledgement by threat actors that cloud and IaaS account compromise continues to offer profitable opportunities for exploitation. Enterprises and the tech industry should look for different ways to more effectively manage IaaS and SaaS account configuration and management. The on-boarding of accounts for cloud-based services represents today a weakness that will continue to be exploited by sophisticated threat actors. Many enterprises struggle with the onboarding (registration, configuration) of cloud accounts due to backlogs for the many types of cloud accounts essential for meeting service levels for enterprise users. Enterprises need to get more creative in addressing the backlog and provide faster, more responsive onboarding for these accounts. Many established and mature IAM practices and processes were designed for managing access to systems within a proprietary data center. Providing effective IAM management for cloud accounts is a struggle for many enterprises that threat actors like JavaGhost are taking advantage of.”
Roger Grimes, data-driven defense evangelist at KnowBe4 follows with this:
“This is another example of how not doing the basics better can hurt you. When clouds really took over a decade ago, “experts’ worried about all the new cloud-specific attacks we would see and become accustomed to. But what has proven true over time is that the same things that plague us in on-premise environments for over 2-3 decades are still what plagues us in cloud environments. In this case, overly permissive permissions and social engineering. Social engineering is responsible for 70% – 90% of successful attacks. Overly permissive permissions is also a top threat (but surpassed also by vulnerability exploits and stolen credentials).
If you want to keep hackers and their malware creations out, concentrate on the long-time basics, not just as part of everything you are doing, but primarily what you are doing. If you’re not stopping social engineering, exploits against unpatched vulnerabilities, credential theft (79% of the time through social engineering), and misconfigurations, of which overly permissive permissions is one type, then you aren’t going to stop hackers. The only difference now is you need to learn how to do it in both on-premises and cloud environments. But the threats are the same.”
If your organization has any exposure to AWS, I’d set aside some time to read this report. Specifically the protections and mitigations section which should help to make you safer.
Leave a comment »