For more than two decades, Cybersecurity Awareness Month has been dedicated to teaching everyone how to stay safe and secure online. It was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. It was launched by the National Cybersecurity Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online.
Throughout October we will be spotlighting cybersecurity in healthcare. We start with federal resources and research.
From Department of Homeland Security (DHS)
Cybersecurity Is a top Priority and a Collective Effort by Dimitri Kusnezov, PhD
The Science and Technology Directorate (S&T) kicks off Cybersecurity Awareness Month with a look at some of our related research, development, testing, and evaluation work currently underway and the partnerships that make it all possible.
Strengthening our cybersecurity infrastructure and defending against malicious attacks requires vigilance, vision, and collaboration. S&T brings experts together across the Department of Homeland Security (DHS), academia, and industry, as well as our global counterparts, to tackle the mission from all sides. Because we, and our world, are stronger together.
From Agency for Healthcare Research and Quality (AHRQ) and the Patient Safety Network (PSNet)
Cybersecurity and How to Maintain Patient Safety – Barbara Pelletreau, RN; John Riggi; Bryan M. Gale, MA; Sarah E. Mossburg, RN, PhD | March 27, 2024
The integration of information technology (IT) in healthcare has become a cornerstone of efficiency and advancement in the last few decades. Interconnected IT systems within healthcare can streamline processes, enhance patient care, and save lives, but they also introduce a complex web of cybersecurity vulnerabilities. Healthcare has increasingly become a prime target for cyberattacks. Many organizations depend heavily on IT for daily operations. Therefore, losing access to IT systems and to the data contained in these systems has dire consequences.
From the US Department of Health and Human Services (HHS)
Healthcare Sector Cybersecurity – Introduction to the strategy of HHS
The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. And cyber incidents in healthcare are on the rise. For instance, HHS tracks large data breaches through its Office for Civil Rights (OCR), whose data shows a 93% increase in large breaches reported from 2018 to 2022 (369 to 712), with a 278% increase in large breaches reported to OCR involving ransomware from 2018 to 2022.
From HealthIT.gov, Assistant Secretary for Technology Policy (ASTP)
From HealthIT.gov, Assistant Secretary for Technology Policy (ASTP)
Health IT Playbook – Section 7 – Privacy and Security
Under federal regulation, your practice is responsible for protecting the confidentiality, integrity, and availability of personal health information that is maintained in or can be accessed through your electronic health record (EHR) system. “Privacy” generally refers to an individual’s ability to keep certain personal health information free from unauthorized access and the ability to access and share the information themselves. “Security” is the way your practice controls access and protects this information, including safeguarding it from accidental or intentional disclosure.