The Department of Health and Human Services issued voluntary cybersecurity performance goals and launched a gateway website to guide healthcare and public health organizations in defending their IT infrastructure.
HHS’ Administration for Strategic Preparedness and Response on Wednesday published the performance goals to ensure the implementation of layered protection and other high-impact cybersecurity practices.
The goals are based on standards including the National Institute of Standards and Technology’s Cybersecurity Framework, Health Industry Cybersecurity Practices and the National Cybersecurity Strategy and Implementation Plan.
Among the objectives are conducting basic IT defense training, removing departing personnel’s access to apps, setting up e-mail security perimeters and applying network segmentation techniques.
“The actions announced today make it easier for health care organizations to protect patients by prioritizing those key cybersecurity practices upon which they should focus their efforts,” HHS Assistant Secretary for Preparedness and Response Dawn O’Connell commented.