CHA News

HHS Establishes Voluntary Cybersecurity Goals for Health Care

This post has been archived and contains information that may be out of date.

What’s happening: The U.S. Department of Health and Human Services (HHS) has released voluntary health care-specific cybersecurity performance goals (CPGs) to help organizations prioritize implementation of high-impact cybersecurity practices. 

What else to know: The CPGs include 10 essential and 10 enhanced goals. They are based on multiple cybersecurity frameworks and directly address common attack vectors against U.S. domestic hospitals as identified in the 2023 Hospital Cyber Resiliency Landscape Analysis.