HHS Deputy Secretary Palm discusses Change Healthcare attack and future of cybersecurity

Apr 16, 2024 - 02:09 PM
Department of Health and Human Services Deputy Secretary Andrea Palm at AHA's 2024 Annual Membership Meeting

Department of Health and Human Services Deputy Secretary Andrea Palm addressed AHA Annual Membership Meeting attendees about the Administration鈥檚 work to improve access to care and increase the number of people with health insurance, as well as the Change Healthcare cyberattack and what cybersecurity looks like in the future.

鈥淲e鈥檝e been in a live fire exercise recently and are learning lessons that inform the ways we will move forward,鈥 she said. 鈥淭hese attacks happen 鈥 it鈥檚 not an if; it鈥檚 a when.鈥

HHS in January released cybersecurity performance goals for the health care sector, and Palm discussed the ways the Administration intends to support hospitals and health systems as they adopt best practices when it comes to protecting patients鈥 information and hospital networks as a whole. She specifically mentioned supporting rural hospitals, which may not have the resources to reach the goals on their own.

Palm also said that while the worst of the cyberattack on Change Healthcare may be over, HHS will continue to support hospitals and health systems as they recover. 鈥淲e know the burden is easing, but we will continue to stay connected until everything is 100% operational.鈥

Palm emphasized that it also presented opportunities to learn, analyze and prepare for the next attack.

鈥淭here鈥檚 a ton of work for us to continue to do together,鈥 she said. 鈥淚 am excited to do that work with you and improve the health and well-being of people in this country.鈥
 

Related News Articles

Headline
Illinois health system leader to receive AHA Justin Ford Kimball Innovators Award聽
The AHA May 5 will award Jim Leonard, M.D., president and CEO of Carle Health in Urbana, Ill., the 2025 Justin Ford Kimball Innovators Award during the AHA鈥
Headline
NSA report includes recommendations for OT device security
The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical鈥
Chairperson's File
Chair File: Leadership Dialogue 鈥 Cybersecurity in Health Care with John Riggi, AHA鈥檚 National Advisor for Cybersecurity and Risk
Public
Cybersecurity and physical threats are unfortunately significant enterprise risks for health care, regardless of size or location. Every hospital, physician鈥
Headline
CISA releases guidance following reported legacy Oracle cloud breach
The Cybersecurity and Infrastructure Security Agency April 17 released guidance to reduce risks associated with a reported breach of Oracle cloud services.鈥
Headline
CMS notifies states it will not approve or match funds for designated state health, investment programs聽
The Centers for Medicare & Medicaid Services April 10 announced that it does not intend to approve new or extend existing requests for federal funds to鈥
Headline
AHA comments on CMS Marketplace Integrity and Affordability proposed rule聽
The AHA April 11 commented on the Centers for Medicare & Medicaid Services鈥 2025 Marketplace Integrity and Affordability proposed rule. While the AHA鈥