Biden Admin Rolls Out Cybersecurity Toolkit For Health Care

The Biden administration is ramping up efforts to harden defenses around the U.S. health care infrastructure, releasing an updated cyber “toolkit” to help the sector better defend against hackers.

Why it matters: Health care is a high-value, target-rich industry facing increasing attacks, and the problem is increasingly being recognized as a threat to patient safety when providers are forced to divert or shut down care.

Driving the news: Top officials from the Health and Human Services Department and the Cybersecurity and Infrastructure Security Agency (CISA) said Wednesday they have been working to better coordinate and clarify industry guidance.

  • They jointly released the toolkit that includes ways for the health sector to mitigate risk, such as vulnerability scanningbest practices, and a framework for accessing and improving cyber resiliency.
  • It’s part of a broader set of tools HHS has been releasing over the last year to help improve cyber hygiene across the sector, said HHS Deputy Secretary Andrea Palm.
  • “In cyber, it’s hospitals that are on the front lines,” said Nick Leiserson of the White House’s Office of the National Cyber Director during a roundtable with industry leaders on Wednesday.

Between the lines: This year alone, CISA said it provided pre-ransomware notifications to roughly 65 U.S. health care organizations to stop ransomware encryption and warn entities of early-stage ransomware activity.

  • Industry cybersecurity experts have raised alarm over health care’s cyber defenses, noting how often health systems had to pay ransoms or sustain massive losses after their computer systems were crippled.
  • Smaller health systems are often outgunned compared to larger ones, experts say. But even IT experts at large health systems find themselves confounded by a patchwork of regulations and guidance from state and federal agencies.

The intrigue: Palm mentioned an interesting tactic HHS has also employed in aiding health systems under an attack: It’s played matchmaker with peer organizations that have been attacked before.

  • The idea, she said, is “that they’re not learning all of this from scratch in this fire drill, but that they’ve got sort of a peer partner that they can talk to about how they’ve navigated through it,” Palm said.


Source Link

Recommended Articles

Annual Employee Benefits Compliance Responsibilities On January 1st

The start of each year marks an important date for employers as they face annual compliance responsibilities related to their health plans, the Affordable Care Act (ACA), and COBRA. Staying on top of these regulations is crucial for compliance and to avoid significant non-compliance penalties.

Read More

AI in Healthcare: Calls for Stricter Standards Amid OpenAI Leadership Shuffle

Recent disruptions in OpenAI’s top brass have sparked intense dialogue within the healthcare sector, emphasizing the urgent need for robust standards governing the implementation of generative AI technologies. With Microsoft recruiting former OpenAI executives Sam Altman and Greg Brockman, concerns are growing that few corporations may soon dictate the trajectory of healthcare AI, potentially molding ...

Read More

2024 FSA, HSA, and HDHP Plan Limits

A health Flexible Spending Account (FSA) is an employer-sponsored benefit that allows eligible employees to save pre-tax dollars to pay for qualified medical expenses. Employees can elect a specific dollar amount, up to a certain limit, to set aside annually.

Read More

Proposals On PBMs And Medical Devices Advanced By House Subcommittee

The House Committee on Energy and Commerce health subcommittee pushed forward 21 proposals on Tuesday, some of which will restrict the power of pharmacy benefit managers (PBMs). Democrats supported many of the proposals put forward by Republicans, including legislation reining in PBMs that had support from 60 organizations representing patients, providers, pharmacists, small businesses and ...

Read More