HITEQ Health Center Information Blocking Avenger

This badge is designed to support health center staff who work with data every day to tell a comprehensive story with their data and foster a data-driven culture. Materials include a dashboard design guide, the Learning to Love your Data webinar series, and a resource detailing how data visualization can be used to support value-based care.  Take some time to review the resources on this page and then fill out the submission form on the right and you will be rewarded with a Data Storyteller badge!  This is an official badge that is submitted by the HITEQ Center as a proof of completion to the blockchain. Your credentials can be added to profiles such as LinkedIn and verified through accreditation services such as Accredible and Open Badge.

Information Blocking Avenger Curriculum

Health Center Emergency Response Exercise Set

HITEQ Center, March 2025

Molly Rafferty 0 585

The exercise cards in this set present scenarios and response-related questions designed to provide a quick (5–10 minute) method for health center staff to: Refresh knowledge of the content in their emergency and cyber incident response plans; Examine and troubleshoot procedures in their emergency and cyber incident response plans; Identify improvements to their emergency and cyber incident response plans; and Increase staff capacity to operationalize the actions outlined in their emergency and cyber incident response plans. The scenarios and questions on these cards can serve as a starting point to spark discussions amongst your team about scenarios and responses that are specific to the context of your health center (e.g., what extreme weather events are most common in your area?). The first five cases describe environmental scenarios, and the last two cases describe cybersecurity scenarios.

Health Center Resilience in the Face of Cyber Adversity

A Case Study of the Family Health Center of Worcester’s Ransomware Incident, February 2024

Molly Rafferty 0 4365
The use of ransomware — malicious software that restricts access to computer systems with financial demands — has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the imperative of preparedness and the strength of a community-centered response in ensuring the continuity of healthcare services amidst the ever-growing tide of cyber vulnerabilities.

HITEQ Highlights: Enabling a Cyber-Resilient Health Center

HITEQ Highlights Webinar

Jodie Albert 0 4035

In this HITEQ Highlight, we aim to strengthen Health Centers' capacity to build their cyber-resiliency. We will cover risk management tools, methods for guarding against cybersecurity assaults, operationalizing cybersecurity to mitigate risks, and breach mitigation tactics. Participants will focus on safeguarding data across the entire enterprise and examine approaches to implementing cybersecurity infrastructure through risk management frameworks and strategic risk assessment. This session includes a case study of the Family Health Center of Worcester's Ransomware Incident presented by CEO Louis Brady.

Strategic Cybersecurity Investments: Leveraging American Rescue Plan Funding to Enhance Infrastructure and Services

HITEQ Highlights webinar

Molly Rafferty 0 16978

Healthcare continues to be the sector most targeted globally by ransomware and related malware attacks and leads in the average total cost of data breach across industries. The FY 2021 American Rescue Plan Funding provides an excellent opportunity for Health Centers to make strategic investments in cybersecurity infrastructure and services. This HITEQ Highlight, presented by Adam Kehler of Online Business Systems provides an overview of assets that can increase Health Center cybersecurity. Topics covered include cybersecurity infrastructure and services that can increase defense-in-depth for health IT, including EHRs, telehealth tools and services, mobile medical devices, patient portals, and related health information software applications.

Note: You can view our American Rescue Plan: Budget Your Cybersecurity Investments guidance document in the Documents to Download section below. An accessible version of the handout is is also available in the Documents to Download section. 

Ransomware Alert and Guidance for Health Centers

Updated 10/29/2020 with Ransomware Alert Notification and Documentation from CISA

HITEQ Center 0 52459

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have announced an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.  
 
CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that details both the threat and practices that healthcare organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats. The advisory references the joint CISA MS-ISAC Ransomware Guide that provides a ransomware response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans. 

It has been noted that hackers are using Ryuk ransomware — malicious software used to encrypt data and keep it locked up — and the Trickbot network of infected computers to steal data, disrupt health care services and extort money from health care facilities. Such data hijacking often cripples online systems, forcing many to pay up to millions of dollars to restore their services.

Find links and further documentation below

RSS
Data Storyteller Badge