It's not that long ago that attacks on hospitals were considered inexcusable. As "bad actors" no longer care about their already dubious reputations - let alone patient safety - the proliferation of such unconscionable activity has skyrocketed. Within the "cyber realm" alone, 150 cyberattacks against North American health facilities caused real financial, operational and privacy harms.
While it's clearly time for a public-private partnership to bring organized criminals to justice the US Department of Health has done what everyone should do first: come up with an acronym (in this case, two initialisms)!
As such, going forward, The Healthcare and Public Health Sector-specific Cybersecurity Performance Goals (HPH CPGs) are a set of proposed "voluntary" security measures designed that will determine whether medical facilities receive government support in case of cyberextortion, ransomware infections and other impactful events.
While no one disputes the need for HIPAA reform, it is debatable whether the threat of conditions placed on financial and incident response assistance are going to send the right message. Aside from that, more healthcare cybersecurity protection is always a great move!
Member discussion: