Lexology April 4, 2024
As promised in the U.S. Department of Health and Human Services (HHS) concept paper in December 2023, the agency published voluntary health care and public health cybersecurity performance goals (HPH CPGs) in January 2024 and, more recently, proposed in the FY 2025 Budget to establish certain HPH CPG compliance incentives and penalties for hospitals.
The HPH CPGs are divided into “essential” goals, which are intended to serve as baseline standards for organizations, and “enhanced” goals meant to promote more sophisticated practices. HHS used the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) Cross-Sector CPGs released in March 2023 as well as other industry cybersecurity frameworks to develop the HPH CPGs:
Essential Goals:
- Mitigate Known Vulnerabilities;
- Email Security; ...