Guide issued for healthcare organizations on cyber governance frameworks for secure AI implementation

The Health Sector Coordinating Council's Cybersecurity Working Group has released a guide to help healthcare organizations establish cyber governance frameworks for secure artificial intelligence implementation. The guide addresses challenges in identifying and mitigating AI-specific cyber risks, including data poisoning, model drift and adversarial attacks, while ensuring compliance with current regulations. It also explores a spectrum of AI technologies used in healthcare, including traditional machine learning models, generative AI and agentic AI systems capable of autonomous action.

"This comprehensive guide is a must-read for all healthcare organizations, vendors and suppliers as the development and implementation of various forms of AI into healthcare settings has become widespread at tremendous speed and scale," said John Riggi, AHA national advisor for cybersecurity and risk. "The secure-by-design and implementation recommendations offered in this guide will help mitigate unintended cybersecurity risk and consequences of AI use in healthcare and help prevent adversarial exploitation of AI-related technical flaws. Mitigating AI cybersecurity risk is part of cyber safety, and cyber safety is patient safety."

For more information on this or other cyber and risk issues, contact Riggi at [email protected]. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.