WASHINGTON, D.C. — Federal health officials have launched a new cybersecurity assessment tool designed to help hospitals and public health organizations identify vulnerabilities and prevent cyberattacks that could disrupt patient care.
What This Means for You
- A new federal cybersecurity tool is available to help health systems assess digital security risks.
- The tool helps hospitals identify weaknesses that could disrupt patient care during cyberattacks.
- Health organizations can access the assessment through a free online federal platform.
The Administration for Strategic Preparedness and Response, a division of the U.S. Department of Health and Human Services, announced Thursday that it has added a cybersecurity module to its Risk Identification and Site Criticality, or RISC 2.0, Toolkit.
The RISC 2.0 platform is a free, web-based system used by hospitals and health organizations to evaluate risks that could disrupt operations. Users conduct assessments by identifying potential threats, reviewing vulnerabilities, estimating potential consequences, and sharing results with partners involved in emergency preparedness.
According to federal officials, more than 3,500 health systems currently use the tool.
“Cyber threats are growing more sophisticated,” said ASPR Principal Deputy Assistant Secretary John Knox. “We must acknowledge that cyber safety is patient safety and that cyber threats can cause cascading problems across the health care industry.”
New Cybersecurity Assessment Module
The newly added module allows health organizations to evaluate cybersecurity practices and identify potential weaknesses.
Users answer a series of questions about security policies, technical safeguards, and operational procedures. The responses are evaluated against national cybersecurity standards, including the National Institute of Standards and Technology Cybersecurity Framework 2.0 and federal cybersecurity performance goals for the health sector.
Federal officials say the process helps organizations identify gaps in their defenses and prioritize investments to strengthen cybersecurity.
Integrating Cybersecurity With Emergency Planning
The cybersecurity module is integrated into the existing RISC 2.0 system, allowing hospitals and health systems to evaluate cyber risks alongside other hazards such as natural disasters, infrastructure failures, or public health emergencies.
Officials say the unified platform helps organizations develop comprehensive preparedness plans.
When organizations identify risks and vulnerabilities, they can implement mitigation strategies that reduce the chance of cyber disruptions affecting patient care.
Federal Role in Health Sector Cybersecurity
The Department of Health and Human Services serves as the federal government’s Sector Risk Management Agency for the health care and public health sector.
Through ASPR, the agency provides cybersecurity guidance and preparedness support to hospitals, health systems, and public health partners across the country.
Organizations interested in using the tool or learning more about the RISC 2.0 platform can visit https://aspr.hhs.gov/RISC/Pages/default.aspx.
For the latest news on everything happening in Chester County and the surrounding area, be sure to follow MyChesCo on Google News and MSN.