Addressing Cybersecurity Threats in Health Centers Addressing Cybersecurity Threats in Health Centers This article uses the 2020 incident at the Family Health Center of Worcester (FHCW) to explore innovative strategies to bolster health centers' cybersecurity, including leveraging group purchasing organizations (GPOs) for discounted solutions and implementing bug bounty programs to proactively strengthen systems. Ultimately, it investigates how these approaches can protect vital community health resources from the escalating tide of cyber threats.
A Practical Guide on Intimate Partner Violence, Human Trafficking, and Exploitation and Technology Tools A Practical Guide on Intimate Partner Violence, Human Trafficking, and Exploitation and Technology Tools This practical guide features key tools and principles to help health centers (HCs) develop safe documentation for intimate partner violence, human trafficking, and exploitation (IPV/HT/E) in their electronic health records (EHRs) and other technology tools. In 2020, the Health Resources and Services Administration’s (HRSA) introduced new Uniform Data System (UDS) data elements for health centers (HCs) to report on IPV and HT/E. With the evolving landscape of data use in medical settings, it is imperative that HC staff understand privacy principles and implement best practices to protect confidentiality for survivors of IPV/HT/E. This resource features guidelines on documenting IPV/HT/E in the EHR using a trauma-informed, survivor-centered approach. The guide also features tools that FUTURES has developed alongside health IT platforms, namely for eClinicalWorks and OCHIN Epic, to aid HCs in using the evidence-based CUES intervention that focuses on universal education approaches on IPV/HT/E. This guide is available as a PDF (4 pages) in English.
Health Center Health IT Emergency Response Resources Health Center Health IT Emergency Response Resources Ready to take the next step towards enhanced IT preparedness? The resources linked below, organized by topic, share actionable strategies that health centers can implement to move towards greater resilience.
Health Center Resilience in the Face of Cyber Adversity Health Center Resilience in the Face of Cyber Adversity The use of ransomware — malicious software that restricts access to computer systems with financial demands — has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the imperative of preparedness and the strength of a community-centered response in ensuring the continuity of healthcare services amidst the ever-growing tide of cyber vulnerabilities.
Navigating Compliance Challenges with the Information Blocking Rule: A Collection of Case Studies Navigating Compliance Challenges with the Information Blocking Rule: A Collection of Case Studies The Office of the National Coordinator for Health Information Technology’s (ONC) 21st Century Cures Act Information Blocking Rule (Info Blocking Rule) prohibits covered actors – including health care providers, health IT developers of certified health IT, and health information exchanges/health information networks– from engaging in practices likely to interfere with, prevent, or materially discourage access, exchange, or use of electronic health information (EHI). The Info Blocking Rule includes eight exceptions that provide actors with certainty that, when their practice interferes with the access, exchange, or use of EHI and meets the conditions of one or more exception, such practice will not be considered information blocking. An actor’s practice that does not meet all the conditions of an exception will be evaluated on a case-by-case basis to determine whether information blocking has occurred.