Minnesota Providers Need Stronger Cybersecurity Measures
Posted on October 20, 2022 by Erin Huppert
Minnesota Critical Infrastructure Providers, including those in health care and some long-term care, will be asked to complete new cybersecurity requirements, according to a state executive order.
All service providers rely on systems potentially vulnerable to cybersecurity threats and will be required to take actions to protect their system security, including:
- Registering with a state operations center;
- Identifying a point-of-contact; and
- Completing an annual risk assessment.
For now, members are encouraged to wait for more information before registering or completing any assessments.
Last week, the Minnesota Department of Health (MDH) communicated with a broad group of licensed providers, organizations, and service delivery partners to join efforts to protect your and the state's critical internet infrastructure.
Compliance
For entities that will need to comply, they will:
- Register your system owners and identified staff with MN Fusion Center.
- Register your system owner and staff with the Minnesota Fusion Center (MNFC). Personnel responsible for system ownership, system operations, and cybersecurity are expected to register at MNFC; there is no limit to how many may register. Register under "Partners Membership," complete the biographic information, then select the Critical Infrastructure applicable Key Resources Sector. Most LeadingAge Minnesota members will choose "Health Care and Public Health."
- IT and cyber security personnel should select "Information Technology" and a sector,
- Registration questions can be directed to mn.fc@state.mn.us.
- Report cyber-attacks using guidance at the State Security Operations Center (SOC).
- Look for additional information soon from MDH and DHS on materials to conduct a cybersecurity self-assessment. You may also choose to have an assessment completed by an outside entity.
What needs to be done?
For now, hold tight. This is a developing issue. LeadingAge Minnesota is working with state agencies to learn more about the requirements and timing of this executive order, who is required to participate, and what key implementation dates are. Look for additional information and resources from us soon.
Comments
Add a comment
Members must sign in to comment
You must be a member to comment on this article. If you are already a member, please log in. Not a member? Learn how to join »
No one has commented on this article yet. Please post a comment below.