The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.
Because of these documented threats, Eagle Associates strongly recommends that you share the following link with your IT personnel/vendor to ensure that precautions are taken for your network and systems:
https://us-cert.cisa.gov/ncas/alerts/aa20-302a
The alert includes valuable best practices for ransomware, and several no-cost resources available to you through CISA. Taking action before a cyberattack occurs will help you to get back to regular operations more quickly and will also reduce costs and stress.
A critical component to your overall cybersecurity efforts is conducting a Security Risk Analysis to identify threats and vulnerabilities to your electronic protected health information (EPHI). It is equally important to follow through with corrective actions after the SRA to document risk management and mitigation. NOTE: Subscribers to the Eagle Associates HIPAA Compliance System have a Security Risk Analysis tool included with their program.
If you have any questions regarding this or any other compliance issue, reach out to our team at (800) 777-2337 or via email at info@eagleassociates.net.
