HHS releases voluntary cybersecurity guidance

The U.S. Department of Health and Human Services has released a four-volume guidance for healthcare organizations titled “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients.” The report lists the five most relevant threats to the industry as phishing, ransomware, loss or theft of equipment or data, insider accidental data loss, and attacks against digital health tools. The report also includes recommendations for c-suite executives and IT experts. The HHS will work to raise awareness and implement the suggested cybersecurity practices across the healthcare industry in the coming months.