Tech

HHS developing cyber guidelines for health industry

The Department of Health and Human Services has started compiling principles and best practices for cybersecurity in health care.

By FedScoop Staff

May 16, 2017

(Getty Images)

The Department of Health and Human Services has started compiling principles and best practices for cybersecurity in health care.

“We had an information day … and we are kicking off next week,” said Julie Anne Chua, from the office of the department’s chief information officer. She spoke at a cybersecurity workshop at the National Institute of Standards and Technology.

HHS took the initiative after urging from Congress in recent cyber legislation.

Section 405d of the 2015 Cybersecurity Act — passed as part of the massive omnibus appropriations nearly 18 months ago — is titled “Aligning health care industry security approaches.” It mandates the HHS secretary “to lead a task group to put together a set of voluntary, consensus-based principles and best practices for cybersecurity in the health sector,” explained Chua.

As the law requires, it will be consistent with the NIST Cybersecurity Framework and the privacy and security provisions of the Health Insurance Portability and Accountability Act, known as HIPAA.

Read more about the new guidelines in Shaun Waterman’s coverage on CyberScoop.

More Scoops

HHS technology officials are seated on stage at AFCEA Bethesda's Health IT 2024 event. — A panel of Department of Health and Human Services technology officials discussed generative AI use within their agencies at AFCEA Bethesda’s Health IT 2024.

HHS developing cyber guidelines for health industry

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

HHS IT draft strategy aims to connect health data with systems

Top Stories

IRS touts Direct File usage, while mulling the future of the program

GSA welcomes nominations for advisory committee focused on federal transparency efforts

DHS launches safety and security board focused on AI and critical infrastructure

Security flaws in IRS systems pose risk to financial statements, GAO says

DOJ seeks public input on AI use in criminal justice system

DHS picks OMB official to lead its new AI Corps

CISA’s chief data officer: Bias in AI models won’t be the same for every agency

Scientists must be empowered — not replaced — by AI, report to White House argues

More Scoops

CDC eyeing ‘model cards’ to detail generative AI tool information

ARPA-H launches mobile health program aimed at rural communities

HHS maintains deadline for AI transparency requirements in new tech certification rule

HHS exploring program management office support for departmentwide zero trust implementation

ARPA-H announces up to $50 million for six health data security projects

ARPA-H looks to strengthen US hospital infrastructure in face of continued cyberattacks

HHS’s artificial intelligence use cases more than triple from previous year

Latest Podcasts

HHS developing cyber guidelines for health industry

CISA is building an automated ransomware warning program

GSA’s Login.gov platform gets a new director

DOD’s Ashley Elizabeth Evans on effectively implementing AI

Tech

Defense

Cyber

Acquisition