Last week, the U.S. Department of Health and Human Services (HHS), through the Administration for Strategic Preparedness and Response (ASPR), released voluntary health care specific cybersecurity performance goals (CPGs) and a new gateway website to help Health Care and Public Health (HPH) sector organizations implement these high-impact cybersecurity practices and ease access to the plethora of cybersecurity resources HHS and other federal partners offer. As outlined in the recent HHS Health Care Sector Cybersecurity concept paper, HHS is publishing the CPGs to help healthcare organizations, and healthcare delivery organizations in particular, prioritize implementation of high-impact cybersecurity practices. The HPH CPGs are designed to better protect the healthcare sector from cyberattacks, improve response when events occur, and minimize residual risk.
