Skip to main content

Cyber Security

NYSDOH Advisory: Cyber Awareness Guidance for Providers (June2017)
NCCIC Incident Report: Intrusions Affecting Multiple Victims across Multiple Sectors (Apr2017)

HHS Cyber Resources

  •  Voluntary Cybersecurity Practices for Health Industry  (HHS 2019)

    Summary:This Reference Document is a collaboration of the U.S. Department of Health & Human Services (HHS) along with its industry partners.  Found within are details of how cybersecurity affects the healthcare industry.  It includes a set of voluntary, consensus-based principles and practices to improve cybersecurity in the health sector. Contained within this report are 5 well known cybersecurity threats that target the healthcare industry.  This document provides a basic description of the threat, gives a real-world scenario of how the threat can occur, its impact, and some quick tips when encountered.  In addition each threat lists the vulnerabilities of each, impact, and practices to consider.

  • CMS Recommendations to Providers Regarding Cyber Security
  • Healthcare Emergency Preparedness Information Gateway

FDA Resources

Other Resources


  • US HHS notice on WannaCry: provides mitigating steps, what to do if you are a victim, and pointers to other useful resources including the FDA 24/7 hotline (06/02/17)
  • US DHS alert on Indicators of Compromise for WannaCry: regularly updated, this contains a list of vendors with embedded Windows systems that have customer guidance about WannaCry, as well as links to other resources from DHS, Microsoft, and the FDA