Recently the Public Health Emergency (PHE) published a whitepaper aimed at raising awareness and providing vetting cybersecurity practices. The focus of their publications are to move organizations towards mitigation of pertinent cybersecurity threats.
The publication includes a main document, two technical volumes, and resources and templates:
- Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP): The HICP examines cybersecurity threats and vulnerabilities that affect the healthcare industry. It explores (5) current threats and presents (10) practices to mitigate those threats.
- Technical Volume 1: Cybersecurity Practices for Small Health Care Organizations: Technical Volume 1 discusses the ten Cybersecurity Practices along with Sub-Practices for small health care organizations.
- Technical Volume 2: Cybersecurity Practices for Medium and Large Health Care Organizations: Technical Volume 2 discusses the ten Cybersecurity Practices along with Sub-Practices for medium and large health care organizations.
- Resources and Templates: The Resources and Templates portion includes a variety of cybersecurity resources and templates for end users to reference.
- Cybersecurity Practices Assessments Toolkit (Appendix E-1): This tool helps organizations prioritize their cyber threats and develop their own action plans using the assessment methodology outlined in the Resources and Templates volume. This tool is still under development. To receive an advance copy, please contact us at CISA405d@hhs.gov .
Source: PHE.gov – Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients| https://www.phe.gov/Preparedness/planning/405d/Pages/hic-practices.aspx
Material posted on this website is for informational purposes only and does not constitute a legal opinion or medical advice. Contact your legal representative or medical professional for information specific to your legal or medical needs.
