ASHE Cybersecurity


Managing threats to protect patients, staff and visitors is one of the primary responsibilities of a health care physical environment professional. ASHE seeks to aid members in developing effective cybersecurity best practices and policies at their facilities. This page includes links to cybersecurity recommendations, articles, resources and more.


Health Industry Cybersecurity Practices:
Managing Threats and Protecting Patients 

Developed by the U.S. Department of Health & Human Services (HHS), these recommendations include the top cybersecurity threats that the health care field faces and recommendations on practices to mitigate those threats.

Read more

Healthcare System Cybersecurity:
Readiness & Response Considerations

The HHS Office of the Assistant Secretary for Preparedness and Response (ASPR) has sponsored the ASPR Technical Resources, Assistance Center, and Information Exchange (TRACIE), designed to help health care facilities better prepare for the roles and responsibilities of team members before, during and after a cyber incident. Information within this document are specific to the effects of a cyber incident on the health care environment.

Read more

Health care facilities battle cyberattacks during pandemic

As health care organizations have responded quickly to deal with the fast-moving nature of the COVID-19 pandemic, three major factors have contributed to creating a climate ripe for cyberattacks against the field. Check out the Health Facilities Management article here to learn more. 

Read more

Building cybersecurity into health care facilities

A safer, more efficient and compliant environment for health care facilities can be achieved by using data analytics with inputs from field sensors and outputs to field controllers. However, as devices that make up a facility‚Äôs operational technology (OT) become more network connected, cyber risk expands. Check out this Health Facilities Management article to learn more. 

Read more

Best Practices Framework for Health Care Cyber-Physical Protection: For the Project Construction Team

by Tim Koch PE LEED AP; HDR,
     Dr. Owen Redwood CISSP GICSP, NARI;
     Ken Hansen PE MBA, UNMC;
     David Hahn, HDR

Electrical and mechanical systems are exposed to cyber-threat as they become smarter and network connected. This monograph addresses best practices for the design and construction process, rather than addressing any minimum cyber-protective requirements for equipment manufacturers. System-based thinking and planning of network-based building systems is paramount.

Read more