HHS proposes new plan to bolster healthcare cybersecurity

HHS issued a concept paper detailing a new cybersecurity strategy aimed at enhancing the security of the healthcare sector.

The concept paper, released Dec. 6, expands upon President Joe Biden's National Cybersecurity Strategy from 2022 and outlines four key actions — establishing new voluntary cybersecurity performance goals for the healthcare sector, collaborating with Congress to create incentives for domestic hospitals to enhance cybersecurity, and enhancing accountability and coordination within the healthcare industry.

Here are the four actions the HHS outlines in its concept paper:

  • Publish voluntary healthcare and public health sector cybersecurity performance goals: HHS will release healthcare and public health cybersecurity performance goals to help healthcare institutions plan and prioritize implementation of high-impact cybersecurity practices.

  • Provide resources to incentivize and implement cybersecurity practices: HHS will work with Congress to obtain new authority and funding to administer financial support and incentives for domestic hospitals to implement high-impact cybersecurity practices.

  • Implement an HHS-wide strategy to support greater enforcement and accountability: HHS will propose new enforceable cybersecurity standards, informed by the cybersecurity performance goals, that would be incorporated into existing programs, including Medicare and Medicaid and the HIPAA security rule.

  • Expand and mature the one-stop shop within HHS for healthcare sector cybersecurity: HHS will mature the Administration for Strategic Preparedness and Response coordination role as a "one-stop shop" for healthcare cybersecurity, which will improve coordination within HHS and the federal government, deepen HHS and the federal government's partnership with industry, improve access and uptake of government support and services, and increase HHS' incident response capabilities.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars