As the threat of cyberattacks across the healthcare sector grows, the US Department of Health and Human Services this week is taking action. The department unveiled resources on Monday, via its 405(d) program to help address cybersecurity concerns in the healthcare and public health sector.
Nursing homes, in particular, often are the target of cyberattacks, with cyber criminals targeting third-party vendors or facilities to get access to resident, patient and employee data for use in fraud or identity theft schemes.
Global cyberattacks against the healthcare industry are up 74% from last year, Brian Schnese, assistant vice president and risk consultant at Hub International, told McKnights Long-Term Care News this week.
Fraud prevention tools for staff
Preventing cyber threats starts with training and resources for facility staff. HHS’ new resources include a platform, Knowledge on Demand, that will provide free training for health organizations to increase cybersecurity awareness. The platform will educate healthcare staff on social engineering, ransomware, loss or theft of equipment or data, insider accidental or malicious data loss, and attacks against network connected medical devices.
Health Industry Cybersecurity Practices 2023, a manual by HHS for the healthcare industry updated for this year, covers ways to mitigate cyber threats and keep residents and patients safe, with new information on social engineering attacks, which try to get people to reveal information, such as passwords, that can then be used to attack a network.
“Cyberattacks are one of the biggest threats facing our healthcare system today, and the best defense is prevention,” HHS deputy secretary Andrea Palm said Monday in a statement. “These trainings will serve as an asset to any sized organization looking to train staff in basic cybersecurity awareness and are offered free of charge, ensuring that those … organizations most vulnerable to attack can take steps toward resilience.”All videos and training materials can be accessed via the 405(d) website.
Read more more technology stories here.
