It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches. As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department. This learning collaborative will address health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, telehealth risk management strategies, and incident response planning from a cybersecurity perspective.

This series will equip health centers and their staff to:  

1. Describe resources, frameworks, and methods for strategic implementation of cybersecurity infrastructure and services
2. Describe essential cybersecurity tools and services that can help decrease the risk of a data breach
3. Use best practices in cybersecurity when implementing modern telehealth tools and RPM initiatives
4. Adopt cybersecurity risk management paradigms and incident response planning templates.

This learning collaborative will provide participating health centers a series of four structured virtual learning sessions where they will engage with facilitators, subject matter experts and their colleagues in peer-to-peer learning and discussion.

It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches. As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department. This learning collaborative will address health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, telehealth risk management strategies, and incident response planning from a cybersecurity perspective.

This series will equip health centers and their staff to:  

1. Describe resources, frameworks, and methods for strategic implementation of cybersecurity infrastructure and services
2. Describe essential cybersecurity tools and services that can help decrease the risk of a data breach
3. Use best practices in cybersecurity when implementing modern telehealth tools and RPM initiatives
4. Adopt cybersecurity risk management paradigms and incident response planning templates.

This learning collaborative will provide participating health centers a series of four structured virtual learning sessions where they will engage with facilitators, subject matter experts and their colleagues in peer-to-peer learning and discussion.

It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches. As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department. This learning collaborative will address health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, telehealth risk management strategies, and incident response planning from a cybersecurity perspective.

This series will equip health centers and their staff to:  

1. Describe resources, frameworks, and methods for strategic implementation of cybersecurity infrastructure and services
2. Describe essential cybersecurity tools and services that can help decrease the risk of a data breach
3. Use best practices in cybersecurity when implementing modern telehealth tools and RPM initiatives
4. Adopt cybersecurity risk management paradigms and incident response planning templates.

This learning collaborative will provide participating health centers a series of four structured virtual learning sessions where they will engage with facilitators, subject matter experts and their colleagues in peer-to-peer learning and discussion.

It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches. As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department. This learning collaborative will address health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, telehealth risk management strategies, and incident response planning from a cybersecurity perspective.

This series will equip health centers and their staff to:  

1. Describe resources, frameworks, and methods for strategic implementation of cybersecurity infrastructure and services
2. Describe essential cybersecurity tools and services that can help decrease the risk of a data breach
3. Use best practices in cybersecurity when implementing modern telehealth tools and RPM initiatives
4. Adopt cybersecurity risk management paradigms and incident response planning templates.

This learning collaborative will provide participating health centers a series of four structured virtual learning sessions where they will engage with facilitators, subject matter experts and their colleagues in peer-to-peer learning and discussion.

This session sought to motivate and educate Health Center staff and leadership on current critical cybersecurity threats, concepts, and methods for the defense of health data. A panel of cybersecurity experts addressed questions on how to best protect the health center from both internal and external network leaks, through malware such as ransomware, and through physical means on-site.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organizations.

 In situations of medical complexity, who has access to information about an older adult's health information – including mental health and substance use history and treatment – can be a complicated issue. In this virtual training, a complex older adult health situation was presented. The legal issues related to the privacy of protected health information were reviewed by Jacqueline Seitz, JD, and Christine Khaikin, JD from the SAMHSA-funded Center of Excellence for Protected Health Information (CoE-PHI). Dr. Rebecca Allen discussed ethical issues inherent in the case, highlighting common issues in meeting the needs of older adults while assuring that the right people have the right information. A broader discussion of these issues were lead by  the E4 Center of Excellence for Behavioral Health Disparities in aging.

Objectives:

Describe when and how the federal privacy laws apply to the Protected Health Information (PHI) of Older Adults
Identify ethical considerations related to PHI, autonomy, and paternalism
Recognize how to access resources and technical assistance through the E4 Center and the CoE-PHI

Find a list of job descriptions that can be used to help describe various health information and technology, as well as cybersecurity, employment options. This information was compiled in early 2022.

A variety of health information and technology positions are represented. This information is intended to assist health centers in understanding the many different domains of the profession as well as possible job descriptions that could be useful during recruitment.

Are you capturing information like immigration or refugee status, intimate partner violence, human trafficking, risk of acquiring HIV through sexual contact or substance use disorder, or other information that brings up questions about how to document or code while respecting the patient’s privacy?

This health center learning collaborative series will present health center case examples that explore the privacy and data sharing considerations of EHR documentation of sensitive patient information, such as social history and social risk, and encourage participants to discuss the implications for health centers and their patients. 

Are you capturing information like immigration or refugee status, intimate partner violence, human trafficking, risk of acquiring HIV through sexual contact or substance use disorder, or other information that brings up questions about how to document or code while respecting the patient’s privacy?

This health center learning collaborative series presented health center case examples that explore the privacy and data sharing considerations of EHR documentation of sensitive patient information, such as social history and social risk, and encourage participants to discuss the implications for health centers and their patients.