HHS guidance offers solutions to protect telehealth platforms from cybercriminals 

Jan 14, 2025 - 04:07 PM
cybersecurity-hand-lock-graphic_900x400

The Department of Health and Human Services Health Sector Cybersecurity Coordination Center Jan. 8 released guidance on cybersecurity for telehealth applications. The guide highlights the challenges of securing telehealth platforms due to vulnerabilities that can expose them to a range of cyberattacks, such as data breaches, structured query language attacks, ransomware, phishing and more. The guide lists several ways to secure and protect patient information. 

“As health care providers integrate telehealth platforms to better serve patients remotely and improve patient outcomes, especially for patients in rural or underserved areas, cyber adversaries consider these platforms an extension of a provider’s ‘attack surface,’” said John Riggi, AHA national advisor for cybersecurity and risk. “If not properly secured and network segmented, the telehealth platform’s technical infrastructure may be visible and accessible on the internet and provide access to a provider’s main networks. Using multi-factor authentication, zero-trust architecture, robust encryption and other steps recommended in the advisory will help protect provider networks and patient data.” 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
ASPR releases cybersecurity module to conduct risk assessments 
The Administration for Strategic Preparedness and Response has released a new cybersecurity module for organizations to conduct risk assessments. The free…
Perspective
Staying Cyber Alert and Cyber Ready
Public
As the world has learned in recent years, today’s conflicts are fought with many weapons, and cyber warfare is an integral part of the arsenal.As of this…
Headline
FBI reminds of potentially malicious activity by Iranian cyber actors
The FBI is reminding critical infrastructure organizations to implement mitigations from a June 2025 fact sheet on potential actions by Iranian-affiliated…
Headline
CISA report updates findings on RESURGE malware attacks
The Cybersecurity and Infrastructure Security Agency Feb. 26 released a report that updates findings from last year on RESURGE malware used to gain covert…
Headline
Agencies issue guidance on exploitation of Cisco systems by cyber actors 
U.S. and international agencies Feb. 25 released guidance on protecting Cisco Software-defined Wide-area Networking systems from exploitation by malicious…
Headline
NSA issues guidelines on zero trust architecture
The National Security Agency has released two phases of its Zero Trust Implementation Guidelines for organizations to improve their zero trust architecture.…