On November 13, the U.S. Authorities Accountability Workplace (GAO) launched a report on the U.S. Division of Well being and Human Providers (HHS) cybersecurity challenges. GAO urged the HHS to implement their prior suggestions to deal with the challenges.
“Because the lead federal company for the healthcare and public well being sector, HHS is accountable for strengthening cybersecurity within the sector,” the report acknowledged. “These obligations embody coordinating with the Cybersecurity and Infrastructure Safety Company (CISA), the nationwide coordinator for essential infrastructure safety and resilience.”
“HHS has a number of initiatives supposed to mitigate ransomware dangers for healthcare and public well being,” GAO underscored. The report claimed that the division had not adequately monitored the sector’s implementation of ransomware mitigation practices.
“Our prior work has highlighted HHS’ challenges in finishing up its lead obligations for sector cybersecurity,” GAO famous. “The division has not but applied all our suggestions to deal with these challenges.”
GAO advisable the HHS examine the healthcare sector’s adoption of cybersecurity practices. Moreover, danger assessments for medical units are wanted.
“Till HHS implements our prior suggestions associated to enhancing cybersecurity, the division dangers not having the ability to successfully perform its lead company obligations, leading to potential antagonistic impression on healthcare suppliers and affected person care,” GAO acknowledged.
