cybersecurity
HHS Provides New Resources to Address Rising Threat of Cyberattacks in Health
Resources include a new platform, Knowledge on Demand, to provide free cybersecurity training to the health sector workforce as well as an updated Health Industry Cybersecurity Practices 2023 Edition and a Hospital Cyber Resiliency Initiative Landscape Analysis On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release […]
Read MoreHHS Releases New Cybersecurity Framework Implementation Guide
The Administration for Strategic Preparedness and Response (ASPR) announced on Wednesday, March 8, the release of the Cybersecurity Framework Implementation Guide, which provides specific steps that health care organizations can take immediately to manage cyber risks to their information technology systems. This cybersecurity implementation guide provides recommendations, best practices, and resources to help the public and […]
Read MoreSenator Seeks Input on Policy Options Related to Health Care Cybersecurity
In early November, Senator Mark Warner (D-VA), Chair of the U.S. Senate Select Committee on Intelligence and co-creator of the Senate Cybersecurity Caucus, issued a policy options paper outlining current cybersecurity threats facing health care providers and systems and offering for discussion a series of policy solutions to improve cybersecurity across the industry. As part […]
Read MoreOCR Releases New Recognized Security Practices Video
In recognition of National Cybersecurity Awareness Month, the Office of Civil Rights (OCR) has produced a new video for organizations covered under the HIPAA Rules on Recognized Security Practices. Recommended security practices can help organizations improve their ability to safeguard patient information from cyberattacks and better safeguard the health care services we all rely upon. […]
Read MoreHHS alerts health sector to monkeypox-themed phishing campaign
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has alerted the sector to a monkeypox-themed phishing campaign targeting health care providers. The alert recommends organizations implement certain protective actions. “This alert reminds us that our cyber adversaries, foreign-based criminal gangs and hostile nation-state intelligence services, continue to prey on our culture […]
Read MoreFeds Launch New Website to Fight Ransomware
Health care organizations have been repeatedly targeted by hostile hackers and now the federal government has launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that creates one central location for ransomware resources and alerts. We encourage members to use this new website to […]
Read MoreCyber Alert: Mitigating Microsoft Exchange Server Vulnerabilities
The Office for Civil Rights (OCR) of the Department of Health & Human Services (HHS) is sharing the following Updated Alert on Mitigating Microsoft Exchange Vulnerabilities to assist HIPAA-covered entities and their business associates in addressing serious threats to Microsoft Exchange servers. Organizations are encouraged to review the information below and take appropriate action. The […]
Read MoreCyber Alert: Ransomware Activity Targeting the Health care and Public Health Sector
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible information of an increased and imminent cybercrime threat to U.S. health care providers and hospitals. CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that […]
Read MoreOffice for Civil Rights Issues Resource Document on HIPAA and IT Asset Inventories
The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has published, as part of its Summer 2020 Cybersecurity Newsletter, a resource document to assist covered entities in conduction of an effective risk analysis to ensure compliance with the Security Rule. The OCR is tasked with enforcing the Health Insurance Portability and […]
Read MoreFeds Launch New Website to Fight Ransomware
Health care organizations have been repeatedly targeted by hostile hackers and now the federal government has launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that creates one central location for ransomware resources and alerts. We encourage members to use this new website to […]
Read More
