Tag: cybersecurity

HHS Releases New Cybersecurity Framework Implementation Guide

The Administration for Strategic Preparedness and Response (ASPR) announced on Wednesday, March 8, the release of the Cybersecurity Framework Implementation Guide, which provides specific steps that health care organizations can take immediately to manage cyber risks to their information technology systems. This cybersecurity implementation guide provides recommendations, best practices, and resources to help the public and…

Senator Seeks Input on Policy Options Related to Health Care Cybersecurity

In early November, Senator Mark Warner (D-VA), Chair of the U.S. Senate Select Committee on Intelligence and co-creator of the Senate Cybersecurity Caucus, issued a policy options paper outlining current cybersecurity threats facing health care providers and systems and offering for discussion a series of policy solutions to improve cybersecurity across the industry. As part…

OCR Releases New Recognized Security Practices Video

In recognition of National Cybersecurity Awareness Month, the Office of Civil Rights (OCR) has produced a new video for organizations covered under the HIPAA Rules on Recognized Security Practices. Recommended security practices can help organizations improve their ability to safeguard patient information from cyberattacks and better safeguard the health care services we all rely upon.…

HHS alerts health sector to monkeypox-themed phishing campaign

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has alerted the sector to a monkeypox-themed phishing campaign targeting health care providers. The alert recommends organizations implement certain protective actions. “This alert reminds us that our cyber adversaries, foreign-based criminal gangs and hostile nation-state intelligence services, continue to prey on our culture…

Feds Launch New Website to Fight Ransomware

Health care organizations have been repeatedly targeted by hostile hackers and now the federal government has launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that creates one central location for ransomware resources and alerts. We encourage members to use this new website to…

Cyber Alert: Mitigating Microsoft Exchange Server Vulnerabilities

The Office for Civil Rights (OCR) of the Department of Health & Human Services (HHS) is sharing the following Updated Alert on Mitigating Microsoft Exchange Vulnerabilities to assist HIPAA-covered entities and their business associates in addressing serious threats to Microsoft Exchange servers.  Organizations are encouraged to review the information below and take appropriate action. The…

Cyber Alert:  Ransomware Activity Targeting the Health care and Public Health Sector

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible information of an increased and imminent cybercrime threat to U.S. health care providers and hospitals. CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that…

Office for Civil Rights Issues Resource Document on HIPAA and IT Asset Inventories

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has published, as  part of its Summer 2020 Cybersecurity Newsletter, a resource document to assist covered entities in conduction of an effective risk analysis to ensure compliance with the Security Rule.  The OCR is tasked with enforcing the Health Insurance Portability and…