Lexology February 15, 2024
Jones Day

The Department of Health and Human Services (“HHS”) has released voluntary cybersecurity performance goals for the health care and public health sectors, which outline an increasingly standardized regulatory approach and preview more intensive future enforcement efforts.

Following the HHS’s 2023 concept paper outlining strategies to enhance cybersecurity for the health care and public health sectors, the HHS released its Healthcare and Public Health Sector-Specific Cybersecurity Performance Goals (“CPGs”). These CPGs are categorized into “essential” and “enhanced” goals to address common cyber-related vulnerabilities in the health sector. According to HHS, the CPGs are built from and informed by common industry cybersecurity frameworks, guidelines, and best practices. Although compliance with CPGs is currently voluntary, HHS’s concept paper reported its intention to implement...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, HHS, Provider, Technology
Related Articles:
Another health care disruptor is set to join RFK Jr.’s team
Familiar face in the tech policy office
CDC sends disease experts to Texas as measles cases rise
HHS Secretary RFK Jr. Urges Parents to Consider Measles Shot
What HHS' public comment rollback means for hospitals: 3 federal health updates

Share This Article