Global Edition
Privacy & Security

ASPR seeks feedback on public health orgs' cybersecurity needs

The Administration for Strategic Preparedness and Response will be surveying agencies to assess the readiness of state, local, tribal and territorial public health organizations to manage cyber threats and gauge their needs for support.
By Andrea Fox
November 13, 2024
10:41 AM

Photo: Christina Morillo/Pexels

The Joint Public Health Cybersecurity Task Group, the Healthcare and Public Health Sector Coordinating Council and the Healthcare and Public Health Sector Joint Cyber Working Group are evaluating the current state of readiness within this essential subsector to identify avenues for enhancing its resilience against evolving cyber threats.

WHY IT MATTERS

The anonymous survey, administered through a partnership with the University of Texas at Austin, will require approximately 15 minutes to complete. 

The findings will inform grant funding recommendations and shape public health sector policies, according to Bob Bastani, senior cybersecurity advisor for critical infrastructure protection for the Administration for Strategic Preparedness and Response, and Dr. Leanne Field, chair of the HSCC's public health subsector and executive committee member of the Cybersecurity Working Group and faculty member at UT Austin.

Among the questions, the survey asks if a cyber event interrupted normal health department processes, what would be the most damaging loss of public health services to the community served?

"The insights obtained from a diverse array of public health officials, decision-makers, practitioners and information technology leaders across SLTT communities are crucial in informing our collective strategy for cybersecurity," they wrote in their announcement.

High levels of participation in the survey are crucial, said Greg Garcia, executive director of the HSCC Cyber Working Group. 

"In light of the increasing cyber threats faced by the sector, this voluntary survey presents a vital opportunity to evaluate current readiness levels and pinpoint areas that require enhancement," he said in his correspondence to health officials posted by the National Association of County and City Health Officials on its website.

Bastani and Field also requested assistance in promoting the online survey, which will remain open until Monday, December 2, to public health leaders and practitioners at all levels.

THE LARGER TREND

The U.S. Department of Health and Human Services, the parent agency of ASPR, centralizes cybersecurity resources provided by it and other federal agencies for the healthcare and public health sector to help address cybersecurity threats that have reached epidemic proportions.

Public health agencies are far from immune to healthcare cyberattacks, as government agencies are a target of cyber adversaries bent on financial gain, service disruption or both.

In June, the Los Angeles County Department of Public Health said it experienced a phishing attack on February 19 and 20, during which a hacker gained the login credentials of 53 Public Health employees. The brief attack compromised the personal information, including first and last names, dates of birth, diagnoses, prescriptions, Social Security Numbers and financial information of more than 200,000 people, the county said.

The cybersecurity preparedness of public health could also be compromised by the advance of digital tools like artificial intelligence.

"What happens if a chatbot from a well-respected institution starts propagating misinformation during a future public health emergency?" pondered Brian R. Spisak, a healthcare digital transformation consultant, researcher and educator in a June opinion piece in Healthcare IT News.

While Spisak was writing about the potential dangers of the World Health Organization's generative AI chatbot Sarah introduced in April, AI and cybersecurity are closely intertwined and public health use of AI technologies presents risks.

Technology risk management and threats to patient safety "aren't mutually exclusive, they're mutually inclusive," noted Atlantic Health System Chief Information and Digital Officer Sunil Dadlani at the HIMSS cybersecurity forum in September.

ON THE RECORD

"Understanding that many SLTT communities may not have previously engaged with initiatives of this nature, we are reaching out to encourage widespread participation of the public health community," Bastani and Field said in the survey announcement.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.

Topics: 
Artificial Intelligence, Government & Policy, Health Information Exchange (HIE), Privacy & Security

More regional news

Nurses review a patient record on a digital tablet

All private hospitals in Singapore to connect to national EMR

By
Adam Ang
November 20, 2024
Dr. Mehmet Oz

Trump picks Dr. Mehmet Oz to head CMS

By
Susan Morse
November 20, 2024
Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock

OIG again deems HHS' infosec program ineffective

By
Andrea Fox
November 20, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
OIG again deems HHS' infosec program ineffective

Most Read

HMIS integration with other public HIS sought and more India briefs
Optimize your radiology department workflows with AI
What Loper Bright and the end of Chevron deference mean for HHS
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
India to harness ABDM data to develop public AI

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices

More Stories

Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks
Doctor talking notes while talking to a tablet
Modernizing acute care: the economic impact of bedside telehealth
A pharmacist reviewing a digital record
Blooms The Chemist integrates Healthengine and more...
Lee Kim at HIMSS_Global Health Equity Week 2024
AI can be leveraged to improve cybersecurity and health equity
HIMSSCast logo
HIMSSCast: Caregiver input needed for allocation of investment dollars