DHHS Releases Voluntary Cybersecurity Practices for the Health Industry

January 4, 2019


In response to cybersecurity risks facing health care entities, the Department of Health and Human Services (DHHS), posted on December 28, 2018, “Health Industry Cybersecurity Practices: Managing and Protecting Patients.”  This four-volume publication provides actionable and practical guidance on cost-effective methods that health care organizations at various size and resource levels can use to reduce cybersecurity risks.  It is the culmination of a two-year collaboration between DHHS and health industry and cybersecurity experts to develop voluntary guidelines aimed at reducing cybersecurity risks and ensuring the security and safety of patients.

DHHS’s publication is available at https://www.phe.gov/Preparedness/planning/405d/Pages/hic-practices.aspx.  DHHS intends to regularly update this publication in order to keep the information on threats faced by the health care industry current and relevant.

Click Here to read entire Legal Alert.

Should you have any questions regarding these recommendations, please contact a member of our Health Care Information and Technology Practice Group or the Garfunkel Wild attorney with whom you regularly work.