Health Information Security Resources

Below are links to free resources for security-related issues. Bookmark this page and check back periodically; as more resources are discovered, this page will be updated.

These links and samples are being provided as a convenience and for informational purposes only; they do not constitute an endorsement or an approval by KFMC. If we can help, please contact the KFMC Practice Transformation Team.

Cybersecurity

Cyber Threat Resources

  • Cyber Security Guidance Material—Office of Civil Rights, US Department of Health and Human Services resources for HIPAA Security Rule
  • Phishing Guidance: Stopping the Attack Cycle at Phase One—Cybersecurity Infrastructrure and Security Agency (CSA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) (PDF)
  • COVID-19 Email Phishing Against US Healthcare Providers—Office of Civil Rights, US Department of Health and Human Services FBI Alert with attack indicators and recommended actions (PDF)
  • Selecting and Safely Using Collaboration Services for Telework—National Security Agency criteria considerations including encryption, multi-factor authentication, sharing features of collaborative software such as WebEx®, GoToMeeting®, Microsoft Teams®, Zoom® and other tools (PDF)
  • COVID-19 VTC Exploitation—US Department of Health and Human Services, Health Sector Cybersecurity Coordination Center white paper on exploitation, mitigation and remediation of vulnerabilities in video teleconferencing applications (PDF)
  • COVID-19 Cyber Threats—US Department of Health and Human Services, Health Sector Cybersecurity Coordination Center brief on increased malicious activity and methods used by threat actors (PDF)

Security Training

Privacy-Security Incidents/Breaches

Business Associate Agreements

Policies and Procedures

Cloud Computing Environment

Disaster Preparedness and Recovery Plan

Security Risk Assessment and Security Rule Implementation