Language Translation
  Close Menu



Just What the Doctor Ordered: How Cyber is Protecting Healthcare

Thursday, May 11, 2023

Blog topics: 

By Chetrice Mosley-Romero

When it comes to cybersecurity, hospitals, and health care organizations -- supported by the dedicated people, who work tirelessly to take care of all of us -- represent the very definition of critical infrastructure that exists within our communities.

As we prepare to celebrate National Hospital Week, it’s important to know that right here in Indiana, there’s a free-to-download resource -- Healthcare Cyber in a Box -- that is already making a difference when it comes to providing small- to medium-sized healthcare institutions with the ability to create more of the critical systems that are needed for keeping their operations secure. At the same time, it is helping to protect their patents and preserve both their digital, as well as physical, well-being.

The Healthcare Cyber in a Box Toolkit provides an organization with three levels of expert guidance -- basic, intermediate, and mature -- involving 10 critical areas of cybersecurity. This guidance also provides specific, actionable information on how a health care organization can address each area of concern, everything from email protections, system access and asset management to laptop and workstation protections, as well as information about what specific threats each of these areas seeks to protect against.

Created with the expertise of a group of cybersecurity and information security professionals, who work in the healthcare profession in Indiana, the Toolkit is part of an ongoing initiative to help educate and support all Hoosiers. It is also an example of the work that’s been achieved over the past six years by the Indiana Executive Council on Cybersecurity (IECC). The IECC is responsible for creating the cybersecurity policies and initiatives in Indiana, on behalf of all Hoosiers, businesses, and local government.

The initiative for bring about these protections began in 2019, with the adoption of the Section 405(d) Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients. The 405(d) Working Group and the Health Sector Coordinating Council, together with numerous provider, government, and industry volunteers are to be commended for making this a reality.

At a time when all institutions face greater threats from cybercrime, it’s difficult for a lot of organizations to possess all of the necessary resources, when it comes to people, processes, technology, and the budgets, to establish even basic protections. For healthcare, this is especially critical, given the fact that hospitals, clinics, and doctor’s offices are responsible for maintaining and processing some of the most sensitive data, both as it relates to a patient’s personal and financial information, in addition to their medical records.

* * *

Another new cyber resource that’s available for healthcare pros is the “Cybersecurity for the Clinician” Video Series.

It is a free-to-download cybersecurity training video series that explains in easy, non-technical language the basics for how cyberattacks can affect clinical operations and patient safety, and how clinicians can do their part to help keep healthcare data, systems, and patients safe from cyber threats without losing time away from their patients.

Developed by the Health Sector Coordinating Council (HSCC), clinicians, students, professionals, and institutions with training programs are welcome and encouraged to download the series on YouTube or in eLearning format at: For a preview, go to:

Just as we’re always searching for a cure to whatever it is that’s ailing us, it’s encouraging to know that we’ve got some talented and dedicated people, right here in Indiana, who are working on cybersecurity solutions to keep us all safe.