A public-private task force led by the Department of Health and Human Services (HHS) released a report describing the most common cybersecurity threats to health care organizations and best practices to mitigate these threats.
According to the report, the health care system in 2016 lost $6.2 billion as a result of cybersecurity breaches.
The report explores five cybersecurity threats health care organizations often face:
- email phishing attacks;
- ransomware attacks;
- loss or theft of equipment or data;
- insider, accidental, or intentional data loss; and
- attacks against connected medical devices that might affect patient safety.
The report also identifies 10 best practices health care organizations can implement to counter such threats. HHS released two technical volumes detailing these cybersecurity best practices — one focused on small health care organizations and one focused on medium and large health care organizations.
America’s Essential Hospitals has established a resource page on IT security for essential hospitals. Visit this page for new and updated information.
Contact Senior Director of Policy Erin O’Malley at firstname.lastname@example.org or 202.585.0127 with questions.