Skip to content
CIO CHIME
Login
  • About
    • AEHIS, AEHIA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
  • Membership
    • Application
    • Awards & Honors
    • Committees
    • FAQs
    • Opioid Task Force
  • Education
    • College LIVE
    • Forum Archives
    • Forums & Workshops
    • KnowledgeHub
    • Opioid Task Force
    • Speaking Opportunities
    • This & That
    • Upcoming Events
  • Certification
    • CEUs
      • CHIME Events
      • Non-CHIME Events
      • Event Approval Form
    • CFCHE
    • CHCIO
    • CHCIO International
  • HealthCare’s Most Wired
  • Foundation
    • Awards
    • Board & Staff
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Partners
    • Press Releases
    • Sponsorship Opportunities
  • Education Foundation
    • Board & Staff
    • Donate
    • Scholarships
  • CHIME Tech
    • Board & Staff
    • About CHIME Tech
    • Advisory Services
    • Cooperative Member Services
    • Leadership Academy
    • Speakers Bureau

News & Press

Home » News & Press » Inside CHIME: List Gives Resources for Monitoring, Reporting Cyber Incidents

Inside CHIME: List Gives Resources for Monitoring, Reporting Cyber Incidents


Inside CHIME - header

7.617 by Mari Savickis
VP of Federal Affairs, CHIME

Another cyberattack was launched in late June that affected hospitals in Pennsylvania and West Virginia as well as a pharmaceutical company in the United States. The attack, with some similarities to the WannaCry incident in May, started in the Ukraine and spread to Europe, Australia and elsewhere. The Department of Health and Human Services (HHS) also reported that “at least one support company that provides health records services is impacted which may impact the ability to enter information into patient charts and access clinical test results.”

Below are free cybersecurity resources for members for this and other cyber incidents.

For alerts:

  • Public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new. HHS Assistant Secretary for Preparedness & Response’s Healthcare Emergency Preparedness Information Gateway (or ASPR TRACIE) sends timely alerts on emergencies including cyber threats and information sharing.
  • HHS website: asprtracie.hhs.gov
  • HHS Twitter: @PHEgov
  • Sign up for Department of Homeland Security (DHS) alerts: public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new. DHS responds to incidents, analyzes data about emerging cyber threats and shares information with the industry.
  • DHS website: us-cert.gov/about-us
  • DHS on Twitter: @USCERT_gov

To request a free scan of your public IP:

  • The US-CERT’s National Cybersecurity Assessment & Technical Services (NCATS) provides integrated threat intelligence and provides an objective third-party perspective on the current cybersecurity posture of the stakeholder’s unclassified operational / business networks. There is no cost to use this service. Contact US-CERT: [email protected].

 

For reporting a device vulnerability:

  • Call the Food and Drug Administration (FDA): 1-866-300-4374. Contact the FDA if you need to report a vulnerability impacting one of your devices. They have established an emergency hotline that can be used 24/7. Reports of impact on multiple devices should be aggregated on a system/facility level.

 

For reporting a cyber incident and law enforcement contacts:

  • DHS offers the US-CERT Incident Reporting System for a secure web-enabled means of reporting computer security incidents at us-cert.gov/forms/report. This system assists analysts in providing timely handling of security incidents as well as the ability to conduct improved analysis.
  • The Federal Bureau of Investigation (FBI) also urges victims to report ransomware incidents to the Internet Crime Complaint Center, at IC3.gov. This allows the agency to better understand threats.
  • The U.S. Secret Service has an Electronic Crimes Task Force. Those interested in help can locate their field office by going to secretservice.gov/investigation/#field.

 

For other breach resources:

  • HHS’ Office for Civil Rights (OCR) requires covered entities to notify them if they discover a breach of unsecured protected health information. hhs.gov/hipaa/for-professionals/breach-notification/breach-reporting/index.htm
  • OCR considers all ransomware attacks a breach; whether they must be reported depends on the situation. hhs.gov/sites/default/files/RansomwareFactSheet.pdf
  • Risk assessment tools and information: healthit.gov/providers-professionals/security-risk-assessment-tool
  • To help healthcare organizations covered by the Health Insurance Portability and Accountability Act (HIPAA) to bolster their security posture, HHS created a crosswalk that identifies “mappings” between the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the HIPAA Security Rule. The crosswalk also includes mappings to other commonly used security frameworks. hhs.gov/sites/default/files/nist-csf-to-hipaa-security-rule-crosswalk-02-22-2016-final.pdf
  • HHS quick response checklist and infographic for victims of cyberattack: hhs.gov/sites/default/files/cyber-attack-checklist-06-2017.pdf and hhs.gov/sites/default/files/cyber-attack-quick-response-infographic.gif

More Inside CHIME Volume 2, No. 14:

  • Looking to Drive Change in the Industry? Here’s the Key – Spenser Staebler

Media Inquiries

For media inquiries and interview requests please contact:

Candace Stuart

Director, Communications & Public Relations
[email protected]
734.275.0104

News, Press & Stories

  • Press Releases & Statements
  • Inside CHIME
  • In the News
  • CHIME Foundation Insight
  • Foundation Press Releases

New Initiatives

MEMBERSHIP

LEARN MORE & APPLY

UPCOMING EVENTS SEE MORE

  • 05/02/2018 - Straight Talk on Interoperability
  • 05/03/2018 - Mergers, Acquisitions, Divestitures- 2pm
  • 05/03/2018 - Mergers, Acquisitions, Divestitures- 4pm
  • SITE
    • About
    • Membership
    • Education
    • Certification
    • HealthCare’s Most Wired
    • Foundation
    • Education Foundation
    • CHIME Tech
  • MEMBERSHIP
    • Login
    • Become a Member
    • Become a Foundation Partner
  • SOCIAL
    •         
  • CONTACT US

    710 Avis Drive, Suite 200
    Ann Arbor, MI 48108
    Phone: (734) 665-0000
    Fax: (734) 665-4922

    MAP & DIRECTIONS

  • Logo
  • About
    • AEHIS, AEHIA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
  • Membership
    • Application
    • Awards & Honors
    • Committees
    • FAQs
    • Opioid Task Force
  • Education
    • College LIVE
    • Forum Archives
    • Forums & Workshops
    • KnowledgeHub
    • Opioid Task Force
    • Speaking Opportunities
    • This & That
    • Upcoming Events
  • Certification
    • CEUs
      • CHIME Events
      • Non-CHIME Events
      • Event Approval Form
    • CFCHE
    • CHCIO
    • CHCIO International
  • HealthCare’s Most Wired
  • Foundation
    • Awards
    • Board & Staff
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Partners
    • Press Releases
    • Sponsorship Opportunities
  • Education Foundation
    • Board & Staff
    • Donate
    • Scholarships
  • CHIME Tech
    • Board & Staff
    • About CHIME Tech
    • Advisory Services
    • Cooperative Member Services
    • Leadership Academy
    • Speakers Bureau
Copyright 2018 CHIME College of Healthcare Information Management Executives
Sponsors
Privacy Policy     Terms of Use    Web Design by build/create