HHS Funds “Cooperative Agreements” for Cybersecurity Support | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HHS Funds “Cooperative Agreements” for Cybersecurity Support

October 4, 2016
by Rajiv Leventhal
| Reprints

The U.S. Department of Health and Human Services (HHS) has awarded “cooperative agreements” totaling $350,000 with the aim to strengthen the ability of healthcare and public health sector partners to respond to cybersecurity threats.

The agreements will look to foster the development of a more vibrant cyber information sharing ecosystem within healthcare and public health sector, HHS officials said in a press release.

More specifically, HHS’ Office of the National Coordinator for Health Information Technology (ONC) awarded a cooperative agreement to the National Health Information Sharing and Analysis Center (NH-ISAC) of Ormond Beach, Fla., to provide cybersecurity information and education on cyber threats to healthcare sector stakeholders. HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) awarded a cooperative agreement to NH-ISAC to help build the infrastructure necessary to disseminate cyber threat information securely to healthcare partners. ASPR’s role is to lead HHS in preparing the nation to respond to and recover from adverse health effects of emergencies, supporting communities’ ability to withstand adversity, strengthening health and response systems, and enhancing national health security. 

Through a streamlined cyber threat information sharing process, the plan is for HHS to send cyber threat information to a single entity, which then will share that information widely to support the full range of stakeholders. This approach helps ensure that smaller healthcare providers have the information they need to take appropriate action, HHS stated.

The agreements also will aim to help build the capacity of NH-ISAC to receive cyber threat information from member healthcare entities. Information about any system breaches and ransomware attacks will be relayed through a more robust cyber information sharing environment, as will information about steps healthcare entities should take to protect their health information technology systems, the agency said.

HHS officials noted how security breaches and ransomware attacks on the public healthcare system have been on the rise in recent years, as has the average cost associated with these attacks. So far in 2016, third-party data breaches have impacted 4.5 million patients, according to a recent report from Protenus and DataBreaches.net. And, the Ponemon 2016 Cost of Data Breach study found that the average cost of a data breach for companies surveyed has grown to $4 million, representing a 29 percent increase since 2013.

“These agreements mark a critical first step toward addressing the growing threat cybersecurity poses to the healthcare and public health sector,” Nicole Lurie, HHS’ assistant secretary for preparedness and response, said in a prepared statement. “Creating a more robust exchange about cybersecurity threats will help the industry prevent, detect and respond to these threats and better protect patients’ privacy and personally identifiable information.”

“The security of electronic health information is foundational to our increasingly digitized health system,” added Vindell Washington, M.D., National Coordinator for Health IT. “This funding will help healthcare organizations of all sizes more easily and effectively share information about cyber threats and responses in order to protect their data and the health of their patients.”

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Study will Leverage Connecticut HIE to Help Prevent Suicides

A new study will aim to leverage CTHealthLink, a physician-led health information exchange (HIE) in Connecticut, to help identify the factors leading to suicide and to ultimately help prevent those deaths.

Duke Health First to Achieve HIMSS Stage 7 Rating in Analytics

North Carolina-based Duke Health has become the first U.S. healthcare institution to be awarded the highest honor for analytic capabilities by HIMSS Analytics.

NIH Releases First Dataset from Adolescent Brain Development Study

The National Institutes of Health (NIH) announced the release of the first dataset from the Adolescent Brain Cognitive Development (ABCD) study, which will enable scientists to conduct research on the many factors that influence brain, cognitive, social, and emotional development.

Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.