- In an effort to improve how organizations can respond to healthcare cybersecurity threats, and foster further information sharing in the industry, as well as in the public health sector, the Department of Health and Human Services (HHS) awarded a total of $350,000 in corporate agreements.
Smaller healthcare organizations often do not have the same access to methods to prevent or respond to cybersecurity attacks, HHS explained in a statement. Ransomware attacks continue to occur, and cybersecurity breaches can average $3.8 million per attack.
HHS hopes that “a streamlined cyber threat information sharing process” will help it send cyber threat data to a single entity, and that organization can then share the information with stakeholders.
“The agreements also will help build the capacity of NH-ISAC to receive cyber threat information from member healthcare entities,” HHS wrote. “Information about any system breaches and ransomware attacks will be relayed through a more robust cyber information sharing environment, as will information about steps healthcare entities should take to protect their health information technology systems.”
The National Health Information Sharing and Analysis Center (NH-ISAC) of Ormond Beach, Florida received a corporate agreement for $250,000 from the National Coordinator for Health Information Technology (ONC) “to provide cybersecurity information and education on cyber threats to healthcare sector stakeholders.”
NH-ISAC also received a $100,000 corporate agreement from HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) “to help build the infrastructure necessary to disseminate cyber threat information securely to healthcare partners.”
National Coordinator for Healthcare Information Technology Dr. Vindell Washington said in a statement that electronic health information security is essential to the evolving healthcare ecosystem. The HHS funding will assist organizations of all sizes share pertinent information to the latest healthcare cybersecurity issues.
HHS’ Assistant Secretary for Preparedness and Response Dr. Nicole Lurie added that the agreements are an important first step toward addressing current cybersecurity threats.
“Creating a more robust exchange about cybersecurity threats will help the industry prevent, detect and respond to these threats and better protect patients’ privacy and personally identifiable information,” Lurie said.