Analysis: Are HHS Cybersecurity Recommendations Achievable?
A new Department of Health and Human Services report to Congress containing more than 100 recommendations for how healthcare can better address cybersecurity threats is stirring debate over whether smaller organizations will be able to take the recommended actions.
Among the report’s recommendations, for example, are that organizations replace or upgrade outdated systems, carefully review how much data they retain and take a team approach to maintaining medical devices.
“The report writers clearly recognize the big challenges healthcare organizations face,” says Kate Borten, president of privacy and security consulting firm The Marblehead Group. “And while the task force and government groups can and should move ahead on big-picture national objectives, the small and midsize organizations will continue to struggle with cybersecurity.”