In The News

Below are the latest news stories highlighting the NCCoE. The following links to external websites are curated for your convenience. Inclusion of these stories does not imply NCCoE endorsement or responsibility for the content found on these external websites.

In the news
July 29, 2015  |  HealthcareDive

The National Cybersecurity Center of Excellence (NCCoE) at NIST has released a draft of its first guide on how to make mobile devices more secure to protect patient information.

In the news
July 28, 2015  |  GovInfo Security

New draft guidance from the National Institute of Standards and Technology instructs healthcare providers on the critical steps they should take to secure electronic health records on mobile devices, says Nate Lesser, who helped prepare the document.

In the news
July 28, 2015  |  National Law Review

The National Cybersecurity Center of Excellence (“NCCoE”) has released a draft for public comment of the first guide in a new series of publications “that will show businesses and other organizations how to improve their cybersecurity using standards-based, commercially available or open-source tools.” The guide discusses how to secure electronic health records on mobile devices.

In the news
July 28, 2015  |  Federal News Radio

People use mobile devices for almost everything nowadays — sometimes even for viewing sensitive information. It's not just the intelligence community that needs to keep its devices protected. Medical providers need a middle ground between security and convenience as well. To that end, the National Cybersecurity Center of Excellence has released a new set of rules to help health care providers keep their mobile devices as secure as possible. Gavin O'Brien is a project manager at NCCoE.

In the news
July 27, 2015  |  Cyber Security Caucus

The National Cybersecurity Center of Excellence, part of the U.S. Department of Commerce’s National Institute of Standards of Technology, is circulating a draft guidance on best practices for securing healthcare data on mobile devices.

The draft, entitled, “Securing Electronic Health Records on Mobile Devices,” is the first in a planned series of guidances on improving cybersecurity across many industries with the help of standards-based technology, the three-year old center announced.

In the news
July 27, 2015  |  FierceEMR

NCCoE actually created a laboratory with the scenario of a hypothetical primary care physician using a mobile device in various ways, each of which involves interaction with the physician's electronic health record, such as for referencing lab results. The guide acknowledges that there's been a 125 percent growth in the number of intentional cyberattacks on healthcare organizations over a five year period, and that mobile devices are "especially vulnerable" to such attacks.

In the news
July 27, 2015  |  HealthDataManagement

The National Institute of Standards and Technology has released a draft document aimed at healthcare information security, the first in a new series of guides intended to help enterprises and developers improve cybersecurity.

In the news
July 26, 2015  |  MedCityNews

The National Cybersecurity Center of Excellence, part of the U.S. Department of Commerce’s National Institute of Standards of Technology, is circulating a draft guidance on best practices for securing healthcare data on mobile devices.

In the news
July 26, 2015  |  SecureWorld

The National Cybersecurity Center of Excellence (NCCoE) has released a draft for public comment of the first guide in a new series of publications that will show businesses and other organizations how to improve their cybersecurity using standards-based, commercially available or open-source tools.

In the news
July 26, 2015  |  MobiHealthNews

The National Cybersecurity Center of Excellence (NCCoE), a division of the National Institute of Standards and Technology (NIST) has penned a five-part draft guidance on cybersecurity for mobile devices that connect to electronic health records. The guidance includes a step-by-step how-to guide for improving data security that uses commercially available and open source tools and technologies, as well as sections on standards and control mapping and risk assessment.