Healthcare and Public Health Sector Cybersecurity Notification

Posted in RESOURCES

Mary Madison, RN, RAC-CT, CDP 
Clinical Consultant – Briggs Healthcare

Xavier Becerra, Secretary of the U.S. Department of Health and Human Services issued this letter on December 30, 2021:

Health Care and Public Health Leaders:

Ensuring the safety and security of the nation’s critical health infrastructure is a top priority for the U.S. Department of Health and Human Services (HHS), particularly as we continue to respond to the COVID-19 pandemic.

I am writing to remind you that during the holidays we often see an uptick in cyberattacks and to ask for your help in remaining vigilant against these threats. Additionally, recently, cybersecurity experts identified a vulnerability within Apache Log4j, a ubiquitous piece of software that exists in thousands of applications – including control systems for medical devices and hardware – that, if exploited, could result in data exfiltration or ransomware and significantly disrupt your ability to deliver health care and pose a threat to national security.

As a result, I strongly encourage you to:

As health care and public health leaders, we rely on your vigilance and partnership to protect our country from nefarious actors looking to disrupt or exploit our critical health infrastructure.  Thank you for your ongoing partnership and for whatever steps you can take to stay vigilant during this holiday season.

If you have any questions or need assistance, please contact the cip@hhs.gov (HHS Critical Infrastructure Division).