The Department of Health and Human Services’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) this week released a report on a newly discovered vulnerability in most computer processors that could allow malicious software to access sensitive information.

Researchers recently discovered two techniques, known as Meltdown and Spectre, that can circumvent data protections and potentially expose data on many computers purchased over the past decade. The report warns that the vulnerabilities could put protected health information and personally identifiable information at risk.

There are no reported issues related to these vulnerabilities and many vendors have begun issuing software patches to mitigate the risk. HCCIC recommends that health care entities contact their software vendors and install patches as soon as possible.

America’s Essential Hospitals has established a resource page on IT Security for Essential Hospitals. Visit this page for new information and updates.

Contact Director of Policy Erin O’Malley at eomalley@essentialhospitals.org or 202.585.0127 with questions.