The Population Health ISAO (PH-ISAO) is the cyber intelligence community for healthcare professionals working together to meet regulatory requirements, reduce cyber risk, and identify cyber threats in the healthcare environment.
Who does the PH-ISAO help?
The Population Health ISAO prioritizes the cyber-readiness needs of small to mid-sized safety net facilities and health systems (e.g., Community Health Centers, behavioral health centers, rural or community hospitals) as these facility types increasingly are sharing data with larger entities and one another. The Health Care Industry Cybersecurity Task Force “Report on Improving Cybersecurity in the Health Care Industry” highlights the risks of including smaller providers in health information exchanges (HIEs), a key vehicle for interoperability:
“A potential attack profile starts with the compromise of a smaller health delivery organization where the attacker increasingly exploits vulnerabilities until they acquire valid credentials necessary to gain access to a health information exchange and/or partner hospitals. While information security is often combined within IT budgets and remain flat or decrease each year because of competing priorities within the environment, the patient/industry is at great risk of a cyber attack that could seriously impact the safety of patient.”