The DNA of Healthcare

Visit Corporate Site

Healthcare Cybersecurity Awareness Resources

Wooden table in sunny office with big windows
Director of Strategy and Innovation

This is Cybersecurity Awareness Month which is championed by the Cybersecurity & Infrastructure Security agency.

Cybersecurity awareness can keep you busy in the healthcare industry, but awareness is key to an effective cybersecurity strategy. In the spirit of awareness, I wanted to share some great information resources that I use.

General Healthcare Industry Cybersecurity Education

Health IT Security
This website is dedicated to education and help readers address any potential threats. This site offers easy-to-read news articles – for healthcare privacy experts. You can sign up for weekly newsletter highlighting content. Also available on this site is a list of upcoming webinars on the latest cybersecurity topics.

Cybersecurity Best Practice Resources

HIMSS Cybersecurity and Privacy
The HIMSS organization targets healthcare providers and health systems as their audience. They have a Cybersecurity and Privacy resource center which includes items like on-demand webinars, reports and articles.

HIPAA Journal
The HIPAA Journal is a great resource for anything HIPAA. However, this website also reports healthcare breaches along with details like number of records and the cause. This gives you a way to understand the scope of the problem. The site also covers the requirements (process) of the HIPAA notification rule for reporting breaches.

Cybersecurity & Infrastructure Security agency (CISA)
The CISA site has a portion of their website dedicated to cybersecurity and cybercrime. Unlike most websites, this not only includes best practices but also a forum focused entirely on “bad practices” that lead to vulnerabilities.

HHS (U.S. Department of Health & Human Services
Lisa Pino wrote a great blog “Improving the Cybersecurity Posture of Healthcare in 2022” which you can find on This blog lists some best practices but also includes links to different sites to other resources on different topics like ransomware, general cybersecurity best practices – all kinds of good stuff.

Cybersecurity Standards

Kantara Initiative
This is a non-profit organization that develops standards for identity and personal data management. Their mission is “improving trustworthy use of identity and personal data through innovation, standardization, and good practice.” Their resources are on the technical side, and one item on the list is the “Identity Assurance Framework .” Check out their resources page.

National Institute of Standards and Technology (NIST)
NIST is part of the U.S. Department of Commerce and efforts focus on measurement and standards. There is a lot more to it, but you might recognize the organization based on the NIST IAL2 standard which is often used in healthcare cybersecurity. They have a robust publications tab but looks a bit overwhelming. You might be specifically interested in the “Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide.”

I hope this helped you find some sources that you can use to help with healthcare cybersecurity awareness.

The DNA of Healthcare

At LexisNexis Risk Solutions, our goal is to provide the healthcare industry with insights and innovations to improve outcomes, grow market share, reduce fraud and increase compliance.

Related Articles

healthcare digital identity strategy

Four Pillars of Digital Identity Strategy

The following four pillars of digital identity show why you should align your strategy to include them. Each pillar brings its own value but with a holistic approach, digital identity is a powerful component of a strong defense strategy.

Read More
These blogs are published for information purposes only and can be statements of opinion. Although we LexisNexis rigorously check the accuracy of all information at the time of publishing the blogs, no representations or warranties are expressed or implied as to the blog, its contents and any accompanying materials and it should not be relied upon for acting in specific circumstances. Although links to external websites on any blog posts are tested and deemed accurate at the time of the blog posting, we LexisNexis accept no liability for such links to external websites and do not endorse or warrant in any way any materials available through such links or any privacy or other practices of such sites. In addition to this blog disclaimer, access and use of the blogs is governed by the LexisNexis website.