HIA Compliant with HHS Cybersecurity Guidance

Mar 20, 2019 | Cybersecurity, HIPAA, Internet Technology

“Cyberattacks are an increasing threat across all critical infrastructure sectors. For the health sector, cyberattacks are especially concerning because these attacks can directly threaten not just the security of our systems and information but also the health and safety of American patients. We are under constant cyberattack in the health sector, and no organization can escape that reality. While innovation in health information technology is a cause for optimism and increasing sophistication in health IT holds the promise to help address some of our most intractable problems, whether in clinical care, fundamental research, population health or health system design, our technology will work for us only if it is secure. Information systems are crucial to today and tomorrow’s healthcare system, so we must take every step possible to protect them.” – Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients


The aforementioned HHS publication, Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, is a collection of practical, understandable, voluntary, industry-led guidelines to reduce cybersecurity risks.

The five threats cited in the publication are:

  • Email phishing attacks
  • Ransomware attacks
  • Loss or theft of equipment or data
  • Insider, accidental or intentional data loss
  • Attacks against connected medical devices that may affect patient

HIA is compliant with the HHS’ ten listed Cybersecurity Practices to manage those threats:

 

HIA Compliance | Recommended Cybersecurity Practices
               | Email Protection Systems
               | Endpoint Protection Systems
               | Access Management
               | Data Protection and Loss Prevention
               | Asset Management
               | Network Management
               | Vulnerability Management
               | Incident Response
N/A            | Medical Device Security
               | Cybersecurity Policies
