Before the Cyber Operations Center (CyOC) was created, reporting was done via manual and labor-intensive processes requiring hundreds of man-hours, impacting the Agency’s ability for timely reporting leaving the agency with the inability to identify a single point of contact to view agency compliance as a whole.
Defense Health Agency (DHA) is currently migrating Military Treatment Facilities (MTF) into a DoD JIE CSRA compliant Medical Community of Interest (Med-COI) architecture. As a precursor to accessing the new Electronic Health Record (EHR), each MTF requires an evaluation of Information Technology assets and services. MTFs must undergo an in-depth Risk Management Framework (RMF) evaluation to receive an Authorization to Operate (ATO) on the Med-COI.
The Defense Health Agency’s (DHA) Enterprise Intelligence Data Solutions (EIDS) Program Management Office (PMO) MHS Information Platform’s (MIP) enclave mission objective is to seamlessly deliver the right information to the right person at the right time to Military Health System (MHS) stakeholders and partners in a safe, effective, efficient, timely, and cost-effective manner using Amazon Web Services (AWS).
The Health IT community has embraced an accelerated progression to cloud-based services and capabilities. With this progression comes a necessary question: ”What do we do next” when addressing critical cyber activities like Continuous Monitoring (CM) and persistent Risk Management (RM) “as a Service”?
82% of healthcare providers that have implemented Internet-of-Things (IoT) devices have experienced a cyberattack on at least one of those devices over the course of the past 12 months.
The biggest threat from these IoT cyberattacks is the theft of patient data.
If 2020 has been anything, it has been a stress-test on the ability of organizations to adapt to rapid and disruptive change. Some organizations are waiting to a return to normal, while others have accepted the present state as the new normal. Regardless of which outcome you are experiencing, one thing is almost certain certain; the dynamic of teleworking has changed.
As you begin to do your research on reaching CMMC guidelines, one of the first questions you’re likely trying to answer is what level your company needs to meet. It’s one of the first questions asked, and rightfully so; once you know what CMMC level you need to meet to reach compliance, all you have to do is begin implementing the controls and guidelines to reach compliance.