This paper shares insights to improve cybersecurity across the health sector, with attention to regulatory modernization, workforce development, emergency preparedness and response, and emerging mobile and healthcare at home contexts.
The healthcare sector faces a complex set of challenges in its information technology and operational environment, with threats that can impact patient care, business operations, medical devices, facilities, protected health information, and public confidence. Healthcare delivery organizations (HDOs) remain a prime target for cyber attacks. Home and mobile health data collection and exchange increase attack surfaces; a number of steps need to be taken to enable these innovations to scale safely and engender user confidence. Initially derived in response to U.S. Senator Mark Warner’s white paper, Cybersecurity is Patient Safety: Policy Options in the Health Care Sector, this paper summarizes insights and recommendations for policymakers on ways to improve cybersecurity across the health sector.
Specific areas addressed:
- Improving Our National Cybersecurity Risk Posture in the Healthcare Sector
- Modernizing Regulatory Frameworks, Including HIPAA Security and Privacy Rules, To Increase Cybersecurity Protections
- Developing the Healthcare Cybersecurity Workforce
- Improving HDO Cybersecurity Capabilities
- Emergency Preparedness and Response
- Cybersecurity in the Healthcare at Home Setting