Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook
This playbook outlines a framework for health delivery organizations (HDOs) and other stakeholders to plan for and respond to cybersecurity incidents around medical devices, ensure effectiveness of devices, and protect patient safety. This document can help HDOs to prepare for and respond to ransomware attacks.
Essential Clean-Slate Cyber Recovery Assessment for Time-Critical Processing
This document outlines a framework and set of criteria for assessing an organization’s ability and time to recover from a devastating cyberattack. Assessment criteria provide stakeholders with a common language for analyzing recoverability, and the framework offers a method for performing introspective assessments. These tools can help organizations better ensure that they are prepared and able to execute recovery plans in the event of a ransomware or other cyberattack.
The ASPR TRACIE Healthcare System Cybersecurity: Readiness & Response Considerations resource can help healthcare facilities, particularly hospitals, and the systems they may be a part of, understand the roles and responsibilities of stakeholders before, during, and after a cyber incident. Information within this document is specifically related to the effects of a cyber incident on the healthcare operational environment, specifically the ability to effectively care for patients and maintain business practices and readiness during such an event. While the focus of this document is on disruptions associated with a large-scale cyberattack, many strategies and principles outlined are relevant to a range of cybersecurity incidents and healthcare facilities.