The Department of Health and Human Services and the Health Sector Coordinating Council have issued a framework to guide the implementation of the National Institute of Standards and Technology’s Cybersecurity Framework across the health care industry.
The implementation guide outlines risk management standards, principles and best practices for aligning health organizations’ cybersecurity measures with the NIST framework, the Administration for Strategic Preparedness and Response said Wednesday.
Andrea Palm, deputy secretary of HHS, said cyber incidents could jeopardize the ability of health care organizations to deliver patient service and pose risks to the sector’s intellectual property and research efforts.
“The release of this guide will help health care organizations become better equipped to assess and improve their cybersecurity,” Palm said.
HHS ASPR developed the implementation guide in collaboration with the HSCC Cybersecurity Working Group.
“This Framework Implementation Guide joins a growing list of jointly produced resources that are aligned with the NIST framework – allowing organizations of all sizes to implement cybersecurity best practices, protect their patients, and make the sector more resilient,” said La Monte Yarborough, chief information security officer at HHS.
Yarborough is set to speak at the Potomac Officers Club’s Enhancing Cybersecurity for Critical Civilian Infrastructure Forum scheduled on March 30. Click here to register and hear from a panel of speakers about the U.S. government’s efforts to improve cybersecurity for federal civilian agencies.
