Advancing cybersecurity awareness in the healthcare and public health sector
Published 26 minutes ago
Proposed by TetraTech
Tetra Tech’s Federal Computing Group is applying artificial intelligence (AI) and automation tools to the US Department of Health and Human Services (HHS) to increase reach within the healthcare and healthcare community. public health (HPH).
Protecting protected health information (PHI) is a top priority at HHS. In 2015, Congress passed the Cybersecurity Act of 2015, Section 405(d), directing HHS to establish consensus-based guidelines, best practices, procedures, and processes for addressing cyber threats in the health sector. To help HHS fulfill this mandate, EGlobalTech of Tetra Tech Federal IT Group guided the strategic direction and executed the 405(d) program. The campaign culminated in the creation of the publication “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP)” and accompanying initiatives to drive adoption of the practices across the HPH industry.
After the publication of the HICP was completed, Tetra Tech assisted in strategic communications and branding efforts to raise awareness of the publication and other 405(d) initiatives.
Layer of traditional tools and AI to reach a broad HPS community
To develop the HICP publication, Tetra Tech launched a 405(d) task force of 150 HPH stakeholders and facilitated regular meetings and discussion sessions. Effective stakeholder management was key to identifying priorities, risks and reaching agreement on pressing health sector needs. Our team documented the cyber risk mitigation measures developed by the working group, provided cybersecurity experts to validate the proposed guidance, and facilitated discussions to resolve conflicting viewpoints throughout the drafting process.
Once the HICP release was finalized, Tetra Tech assisted with strategic communications and branding campaign to raise awareness of the release and other 405(d) initiatives. We conducted outreach activities at many levels, including developing and distributing newsletters, guiding webinars, organizing public events and producing social media campaigns.
Tetra Tech applied a bespoke beta AI and automation tool to increase reach with the wider HPS community. HHS recognized the need for easy-to-use cyber risk management content to reach a wider audience. The Tetra Tech Federal IT Innovation Lab offered a custom conversational chatbot to convey highly technical material into digestible and actionable content. HHS would also benefit from the tool’s real-time analytics to guide chatbot learning and target audience priorities.
Tool adaptation and use of Analytics for Insight
Tetra Tech has launched a pilot program to enable rigorous testing by the 405(d) working group. The chatbot answered questions from members of the HPS sector about the task force’s mission, directed users to sections of the HICP publication, explained cybersecurity concepts, directed users on how to report cyber incidents, and explained acronyms healthcare cybersecurity.
Tetra Tech has developed an Orientation Dashboard to monitor performance and provide insights and insights into frequently asked questions. The dashboard featured usage analytics, questions asked by users, number of user requests received, estimates of time saved by users, and chatbot response rate. This information was available for further tuning of the chatbot to improve its performance over time and the effectiveness of delivering important IT risk mitigation information to members of the HPS community.
Tetra Tech’s support of the 405(d) program demonstrates the power of effective stakeholder engagement, which is often overlooked in cybersecurity initiatives, and the application of AI-powered automation, a concept that is not commonly applied to stakeholder engagement in cybersecurity. The program continues to play a key role in protecting PHI in the HPS industry.