Government , Healthcare , Industry Specific

Feds Seek Innovative Tech Ideas for Health Sector Security

Agency Requests Proposals for Applying National Security to Civilian Systems
Feds Seek Innovative Tech Ideas for Health Sector Security

A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. Today's off-the-shelf software is falling short, the agency said.

See Also: Healthcare in The Cloud: Detecting and Overcoming Threats to Ensure Continuity & Compliance

The Advanced Research Projects Agency for Health, or ARPA-H, a newly created agency within the Department of Health and Human Services, recently announced the launch of the Digital Health Security, or Digiheals, initiative. For the project, ARPA-H said it is seeking proposals "for proven technologies developed for national security" that can be applied "to civilian health systems, clinical care facilities and personal health devices."

ARPA-H is accepting proposals for Digiheals until Sept. 7 through the Scaling Health Applications Research for Everyone, or SHARE, Broad Agency Announcement program.

ARPA-H expects to make multiple Digiheals awards, depending upon the quality of proposals received and available funding.

HHS was granted authority to establish ARPA-H under the fiscal 2022 appropriations bill, which was signed into law by President Joe Biden in March 2022. The agency's mission is to improve the U.S. government’s ability to accelerate biomedical and health solutions.

Bolstering Sector Security

The Digiheals effort aims to help ensure that hospitals and doctors can continue to deliver healthcare services to patients in the wake of a widespread cyberattack on medical facilities, ARPA-H said.

Recent ransomware assaults have disrupted some services in the United States, forcing healthcare entities to divert ambulances and cancel or postpone patient care, which happened last week after the attack on Mississippi's Singing River Health System. Some other cybersecurity incidents have led to the permanent closure of entities, including Illinois' St. Margaret's Health in June (see: Mississippi Hospital System Still Struggling Attack).

"By adapting and extending security, usability and software assurance technologies, this digital health security effort will play a crucial role in addressing vulnerabilities in health systems,” said Andrew Carney, ARPA-H program manager, in a statement.

"This project will also help us identify technical limitations of future technology deployments and contribute to the development of new innovations in digital security to better keep our health systems and patients' information secure," he said.

Digiheals aims to adapt for healthcare sector implementation technologies developed for national security because offerings on today's marketplace aren't doing the job, ARPA-H said.

“Currently, off-the-shelf software tools fall short in detecting emerging cyberthreats and protecting our medical facilities, resulting in a technical gap we seek to bridge with this initiative," said Dr. Renee Wegrzyn, ARPR-H director, in the statement.

"The DIGIHEALS project comes when the U.S. healthcare system urgently requires rigorous cybersecurity capabilities to protect patient privacy, safety, and lives," Wegrzyn said.

"By focusing on cutting-edge security protocols, vulnerability detection, and automatic patching, this effort seeks to reduce the ability for bad actors to attack digital health software and enable the prevention of large-scale cyberattacks," ARPA-H said.

Besides addressing cybersecurity vulnerabilities, the Digiheals effort aims to identify and fix software-related weaknesses that affect patient safety and experience, ARPA-H said.

ARPA-H did not immediately respond to Information Security Media Group's request for additional details pertaining to the Digiheals effort.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.