Insider Risk Programs for the Healthcare and Public Health Sector: Implementation Guide

As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards such as terrorism, infectious disease outbreaks, and natural disasters.

Trusted insiders, both witting and unwitting, can cause grave harm to your organizations facilities, resources, information, and personnel. Insider incidents account for billions of dollars annually in “actual” and “potential” damages and lost revenue related to data breaches, trade secret theft, fraud, sabotage, damage to an organization’s reputation, acts of workplace violence, and more.

Implementation of an Insider Risk Program can help mitigate risks associated with trusted insiders. Click the links to learn how to establish an Insider Risk Program at your organization and develop a risk management strategy that addresses areas critical to healthcare and public health.

Related Resources

Letter/Comment
Public
The American Hospital Association (AHA) writes in support of the Protecting and Transforming Cyber Health Care (PATCH) Act (S.3983). AHA and its members are…
Advisory
Member
An arbitrator has ordered that Anthem Insurance Company, Inc. (“Anthem”) pay a group of 11 acute care hospitals in Indiana (“hospitals”) $4.5 million as…
AHA Center for Health Innovation Market Scan
Health care is under attack as never before from cybercriminals, and the stakes are rising for hospitals and patient safety. The latest potential threat: The…
Advancing Health Podcast
Public
Over the past few years every leader of health care organization in the country has had to acknowledge the threat of a cyberattack that has the potential to…
Advancing Health Podcast
Public
In this special Cybersecurity podcast we have the opportunity to talk to leaders of an AHA member hospital who was a victim of a major ransomware attack in the…
Letter/Comment
Public
AHA letter to Senators Jack Rosen and Bill Cassidy, M.D. voicing support of the Healthcare Cybersecurity Act (S.3904).