Microsoft & Google Offering Free and Discounted Cybersecurity Services to Rural Hospitals
Under the Biden administration’s Health Sector Cyber Initiative, Microsoft and Google have committed to providing critical access and rural hospitals with free and heavily discounted services to help them improve HIPAA cybersecurity.
Cyber threat actors are targeting the healthcare industry and attacks are increasing. In 2023, the healthcare sector suffered more ransomware attacks than any other critical infrastructure sector, with attacks up 130% from the previous year, and healthcare cyberattacks increased by 128% from 2022 to 2023. To combat these attacks, resilience needs to be improved across the healthcare sector; however, many hospitals simply do not have the funds to invest in cybersecurity, and that is especially true for rural hospitals. Successful cyberattacks on rural hospitals can be devastating, especially for smaller, independent critical access and rural emergency hospitals.
A critical access hospital is a designation given to rural hospitals by the Centers for Medicare and Medicaid Services (CMS) when they are more than 35 miles from the nearest hospital or more than 15 miles from other hospitals in mountainous areas. A cyberattack on a critical access hospital that takes essential systems out of action, and requires emergency rooms to be placed on divert puts lives at risk. Further, due to their remote locations, these hospitals often struggle with staffing, making the resource-intensive manual workarounds when recovering from cyberattacks even more difficult. These hospitals often struggle financially and have extremely limited means to prevent and remediate security risks. They are also one of the top targets for cyberattacks. There are between 1,800 and 2,100 critical access and rural hospitals in the United States, and they serve more than 60 million Americans.
The Biden-Harris Administration has recognized the critical role of these hospitals and is taking steps to help them improve cybersecurity. On June 10, 2024, the White House announced that commitments have been obtained from private sector partners to improve the security and resilience of the rural hospital system.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The White House, in collaboration with the American Hospital Association and the National Rural Health Association, obtained commitments from Microsoft and Google to provide free or low-cost assistance to independent critical access hospitals and rural hospitals to help them improve cybersecurity.
Microsoft will provide nonprofit pricing, grants, and up to 75% discounts for security products that are optimized for smaller organizations. Larger rural hospitals that are already paying for eligible Microsoft solutions will be provided with its most advanced security suite for no extra cost for a year. Free cybersecurity assessments by qualified technology security providers will also be provided to identify risks and security gaps, as well as free training for frontline and IT staff at eligible rural hospitals and security updates for Windows 10 for one year at no cost.
“President Biden is committed to every American having access to the care they need, and effective cybersecurity is a part of that. So, we’re excited to work with Microsoft to launch cybersecurity programs that will provide training, advice, and technology to help America’s rural hospitals be safe online” said Anne Neuberger, Deputy National Security Advisory for Cyber and Emerging Technologies.”
Google has committed to providing endpoint security advice to rural hospitals and non-profit organizations at no cost and a pool of funding to support software migration. Google will also launch a pilot program with rural hospitals to develop a package of security capabilities that meet the unique needs of rural hospitals.
“Cybersecurity is a top priority for America’s hospitals and health systems. It is also a shared responsibility,” said AHA President and CEO Rick Pollack. “While hospitals and health systems have invested significant resources to guard against cyberattacks, they cannot do it alone, which is why these commitments from Microsoft and Google are important. It’s no secret that many rural hospitals across America are struggling as they serve as a health care lifeline in their communities so keeping them safe is essential.”
