Cyber and Physical Security Incident Preparedness and Response Resources
Cyberattacks, physical security threats and other risks facing hospitals and mission-critical third-party providers are escalating in both frequency and severity. Not only do these incidents shut down physical security and business operations, but they can also shut down life-critical technology — causing significant delay and disruption to patient care. The AHA has compiled valuable resources to help hospitals and health systems incorporate incident preparedness and response initiatives into their existing governance, risk management, and business and clinical continuity frameworks.
Support for Your Cybersecurity and Risk Program
The AHA can support your implementation of risk management practices. Learn more about the HHS Cybersecurity Performance Goals, and how dedicated resources and special offerings from AHA Preferred Cybersecurity & Risk Providers can help your hospital or health system meet them.
AHA Clinical Continuity Assessment Program
Led by the AHA’s team of nationally recognized health care cybersecurity and risk experts, this comprehensive assessment delivers recommendations across all functions to ensure you can maintain clinical and operational continuity for at least 30 days without critical technology.
Cybersecurity and Risk Resources for Rural Hospitals
Faced with limited resources, rural hospitals must rely on public and private support to help defend against today’s heightened barrage of cyberattacks. Explore resources to help rural hospitals mitigate cyberattacks and other sources of risk.
Prepare for Physical Threats
Physical threats and cyberthreats are intertwined challenges that pose risks to your entire enterprise. Learn ways to respond from AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee in this Cyber & Risk Intel blog.
American Society for Health Care Risk Management Resources
Find education events, publications and other resources for health care risk management professionals on the ASHRM website.
Government Risk Resources
The AHA has compiled valuable governmental resources to help hospitals and health systems develop their incident preparedness and response initiatives.
Hospitals Against Violence
The Hospitals Against Violence (HAV) initiative exists to share examples and best practices with the field about workplace and community violence.
Additional Valuable Risk Resources
A variety of trusted and credible public and private organizations across the nation offer information to help hospitals and health systems strengthen their cybersecurity and risk programs.
- Coordinated Healthcare Incident Response Plan (CHIRP)
- Operational Continuity – Cyber Incident (OCCI)
- #StopRansomware Guide
- HHS: HPH Cybersecurity Performance Goals
- HPH Sector Cybersecurity Framework Implementation Guide, Version 2 updated on March 2023
- Health Industry Cybersecurity: Operational Continuity - Cyber Incident Checklist
- Medical Device Cybersecurity Regional Incident Preparedness & Response Playbook Version 2.0 November 2022
- Medical Device Cybersecurity Regional Incident Preparedness & Response Playbook Quick Start Companion Guide November 2022
- Indiana Cybersecurity Hub
- ASPR Healthcare System Cybersecurity Readiness & Response Considerations Feb 2021
- Health Industry Cybersecurity Tactical Crisis Response [Hic-Tcr] May 2020
- The ASPR CLEAR Field Guide for Emergency Preparedness
- ASPR TRACIE Technical Assistance Request