The HHS has released a set of voluntary cybersecurity performance goals tailored to the healthcare sector that aim to help protect the industry from cyberattacks and improve response when events occur.
The goals outline minimum practices for cybersecurity performance and enhanced goals to encourage adoption of more advanced practices for organizations of all sizes, according to a Jan. 24 HHS news release.
The HHS said this move was made to help healthcare organizations prioritize implementing high-impact cybersecurity practices.
The goals come at a time when the healthcare sector is seeing a rise in ransomware attacks. According to cybersecurity firm Emsisoft, health systems experienced 46 ransomware attacks in 2023, up from 25 in 2022 and 27 in 2021.
Out of those attacks, 141 affected U.S. hospitals, with data being stolen in 32 of 46 of the ransomware events.