A new outlook on the most prominent cybersecurity threats in the healthcare industry today and a series of corresponding, risk-prioritized cybersecurity best practices to combat these threats are now available from the Department of Health and Human Services (HHS). More than 150 private sector healthcare and cybersecurity experts contributed to this guidance as part of the task force HHS established in response to The Cybersecurity Act of 2015. Their goal, cost-effectively strengthening cybersecurity in the healthcare industry.
Heightened cybersecurity vigilance is a necessity everywhere today. The healthcare sector in particular, however, has amassed vast amounts of sensitive personal, financial and health information, making it a particularly attractive target.
While this new guidance does not create a new “mandatory” cybersecurity framework, regulators and courts may still defer to it when the “reasonableness” of security safeguards is questioned post-breach in the healthcare sector.
Read more about the HHS report here.