Warding Off Cyber Threats to Health Care
Security breaches and cyber attacks on the health care system are increasing, and such breaches now average $3.8 million in cost per attack, HHS reported.
- By Jerry Laws
- Dec 01, 2016
The new federal fiscal year had just begun when the U.S. Department of Health and Human Services announced it awarded cooperative agreements totaling $350,000 to strengthen health care and public health partners' readiness against cybersecurity threats. HHS' Office of the National Coordinator for Health Information Technology awarded one to the National Health Information Sharing and Analysis Center of Ormond Beach, Fla., to provide cybersecurity information and education on cyber threats to health care stakeholders, and HHS' Office of the Assistant Secretary for Preparedness and Response awarded another to the same agency to help build the infrastructure necessary to disseminate cyber threat information securely to health care partners.
"These agreements mark a critical first step toward addressing the growing threat cybersecurity poses to the health care and public health sector," said Dr. Nicole Lurie, HHS' assistant secretary for preparedness and response. "Creating a more robust exchange about cybersecurity threats will help the industry prevent, detect, and respond to these threats and better protect patients’ privacy and personally identifiable information."
"The security of electronic health information is foundational to our increasingly digitized health system," said Dr. Vindell Washington, national coordinator for health information technology. "This funding will help health care organizations of all sizes more easily and effectively share information about cyber threats and responses in order to protect their data and the health of their patients."
Security breaches and cyber attacks on the health care system are increasing, and such breaches now average $3.8 million in cost per attack, HHS reported. The agency wants to be able send cyber threat information to a single entity that will share it widely to support all stakeholders, ensuring that smaller providers have the information they need to take appropriate action.
The agreements also will help build the center's capacity to receive cyber threat information from member health care entities.
This article originally appeared in the December 2016 issue of Occupational Health & Safety.
Jerry Laws is Editor of Occupational Health & Safety magazine, which is owned by 1105 Media Inc.