January 16, 2024
HHS Releases Healthcare Sector Cybersecurity Strategy
While cybersecurity attacks on hospitals and other health care-related entities are not new, in recent years we have begun to see a steady increase of attacks. According to the Office of Civil Rights (OCR), from 2018 to 2022, there was a 93% increase in large security breaches within healthcare entities.
When health care systems undergo a cybersecurity attack, not only are patients’ sensitive information put at risk, but there can be an impact on direct patient care that can last weeks, such as:
- delayed procedures
- patients being routed to other facilities, and
- canceled appointments.
The US Department of Health and Human Services (HHS) released an outline of its strategy to address cybersecurity moving forward, in the December 2023 report titled Healthcare Sector Cybersecurity: Introduction to the Strategy of the US Department of Health and Human Services.
Health Industry Cybersecurity Practices
Guidance for medical device manufacturers or pre-market cybersecurity recommendations