HHS Funds “Cooperative Agreements” for Cybersecurity Support | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HHS Funds “Cooperative Agreements” for Cybersecurity Support

October 4, 2016
by Rajiv Leventhal
| Reprints

The U.S. Department of Health and Human Services (HHS) has awarded “cooperative agreements” totaling $350,000 with the aim to strengthen the ability of healthcare and public health sector partners to respond to cybersecurity threats.

The agreements will look to foster the development of a more vibrant cyber information sharing ecosystem within healthcare and public health sector, HHS officials said in a press release.

More specifically, HHS’ Office of the National Coordinator for Health Information Technology (ONC) awarded a cooperative agreement to the National Health Information Sharing and Analysis Center (NH-ISAC) of Ormond Beach, Fla., to provide cybersecurity information and education on cyber threats to healthcare sector stakeholders. HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) awarded a cooperative agreement to NH-ISAC to help build the infrastructure necessary to disseminate cyber threat information securely to healthcare partners. ASPR’s role is to lead HHS in preparing the nation to respond to and recover from adverse health effects of emergencies, supporting communities’ ability to withstand adversity, strengthening health and response systems, and enhancing national health security. 

Through a streamlined cyber threat information sharing process, the plan is for HHS to send cyber threat information to a single entity, which then will share that information widely to support the full range of stakeholders. This approach helps ensure that smaller healthcare providers have the information they need to take appropriate action, HHS stated.

The agreements also will aim to help build the capacity of NH-ISAC to receive cyber threat information from member healthcare entities. Information about any system breaches and ransomware attacks will be relayed through a more robust cyber information sharing environment, as will information about steps healthcare entities should take to protect their health information technology systems, the agency said.

HHS officials noted how security breaches and ransomware attacks on the public healthcare system have been on the rise in recent years, as has the average cost associated with these attacks. So far in 2016, third-party data breaches have impacted 4.5 million patients, according to a recent report from Protenus and DataBreaches.net. And, the Ponemon 2016 Cost of Data Breach study found that the average cost of a data breach for companies surveyed has grown to $4 million, representing a 29 percent increase since 2013.

“These agreements mark a critical first step toward addressing the growing threat cybersecurity poses to the healthcare and public health sector,” Nicole Lurie, HHS’ assistant secretary for preparedness and response, said in a prepared statement. “Creating a more robust exchange about cybersecurity threats will help the industry prevent, detect and respond to these threats and better protect patients’ privacy and personally identifiable information.”

“The security of electronic health information is foundational to our increasingly digitized health system,” added Vindell Washington, M.D., National Coordinator for Health IT. “This funding will help healthcare organizations of all sizes more easily and effectively share information about cyber threats and responses in order to protect their data and the health of their patients.”

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

CMS Exploring Potential Behavioral Health Payment and Care Delivery Model

The Center for Medicare & Medicaid Services (CMS) plans to hold a one-day summit in September to solicit feedback and ideas for a potential behavioral health model to improve access, quality and cost of care for beneficiaries with behavioral health conditions.

MEDITECH to Soon Offer CommonWell Health Alliance Services to Customers

MEDITECH, a Westwood, Mass.-based electronic health record (EHR) vendor, has announced that it is set to offer CommonWell interoperability services early next year.

HITRUST CSF Certification Now Includes NIST Cybersecurity Certification

HITRUST has announced that HITRUST cybersecurity framework (CSF) version 9 enhancements now extend an “assess once, report many” approach as a standard security framework for multiple critical infrastructure industries and includes National Institute of Standards and Technology (NIST) Cybersecurity certification.

Premier: Analytics Helping Hospitals Optimize Blood Use

An analysis of 645 hospitals revealed that comparative data analytics to drive performance improvement has the potential to optimize blood use across numerous diagnoses.

Almost 80 Percent of Clinicians Still Use Hospital-Issued Pagers

A study examining the communication technologies used by hospital-based clinicians found that close to 80 percent (79.8 percent) of clinicians continue to use hospital-provided pagers and 49 percent of those clinicians report they receive patient care-related messages most commonly by pager.

Survey: IT Expenses per Physician Continue to Rise to Nearly $19,000

Information technology (IT) expenses for physician practices are on a slow and steady rise for most practices, and last year, physician-owned practices spent between nearly $2,000 to $4,000 more per FTE physician on IT operating expenses than they did the prior year, according to a recent Medical Group Management Association (MGMA) survey.