HHS guidance offers solutions to protect telehealth platforms from cybercriminals聽

Jan 14, 2025 - 04:07 PM
cybersecurity-hand-lock-graphic_900x400

The Department of Health and Human Services Health Sector Cybersecurity Coordination Center Jan. 8 released guidance on cybersecurity for telehealth applications. The guide highlights the challenges of securing telehealth platforms due to vulnerabilities that can expose them to a range of cyberattacks, such as data breaches, structured query language attacks, ransomware, phishing and more. The guide lists several ways to secure and protect patient information. 

鈥淎s health care providers integrate telehealth platforms to better serve patients remotely and improve patient outcomes, especially for patients in rural or underserved areas, cyber adversaries consider these platforms an extension of a provider鈥檚 鈥榓ttack surface,鈥欌 said John Riggi, AHA national advisor for cybersecurity and risk. 鈥淚f not properly secured and network segmented, the telehealth platform鈥檚 technical infrastructure may be visible and accessible on the internet and provide access to a provider鈥檚 main networks. Using multi-factor authentication, zero-trust architecture, robust encryption and other steps recommended in the advisory will help protect provider networks and patient data.鈥 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit .

Related News Articles

Headline
CISA releases guidance following reported legacy Oracle cloud breach
The Cybersecurity and Infrastructure Security Agency April 17 released guidance to reduce risks associated with a reported breach of Oracle cloud services.鈥
Headline
Agencies issue guidance on navigating deceptive online recruitment of current and former federal employees
The National Counterintelligence and Security Center, the FBI, and the Defense Counterintelligence and Security Center yesterday released guidance on鈥
Headline
Senators reintroduce bipartisan bill expanding telehealth services
A bipartisan group of 60 senators April 2 reintroduced the CONNECT for Health Act, AHA-supported legislation that would expand patient access to telehealth鈥
AHA Cyber Intel
[Updated] 3 Must-know Cyber and Risk Realities: What鈥檚 Ahead for Health Care in 2025
While the rate of cyberattacks on hospitals has risen dramatically, the severity of the impacts has also grown exponentially. Let鈥檚 look at the state of cyber鈥
Headline
House subcommittee holds hearing on cybersecurity vulnerabilities in legacy medical devices
The House Energy and Commerce Oversight and Investigations Subcommittee April 1 discussed cybersecurity threats in legacy medical devices during a hearing. The鈥
Headline
Administration extends national emergency for cyber threats
The Trump Administration March 28 announced that it renewed for one year the public emergency for ongoing malicious cyber-enabled activities against the U.S.鈥