As ransomware events continue to plague U.S. health systems, the federal Advanced Research Projects Agency for Health (ARPA-H) has launched the Digital Health Security (Digiheals) project to protect health systems' data infrastructure.
The project will solicit proposals for proven technologies developed for national security and apply them to civilian health systems, clinical care facilities, and personal health devices.
“The Digiheals project comes when the U.S. healthcare system urgently requires rigorous cybersecurity capabilities to protect patient privacy, safety, and lives,” said Renee Wegrzyn, Ph.D., ARPA-H director, in a statement. “Currently, off-the-shelf software tools fall short in detecting emerging cyberthreats and protecting our medical facilities, resulting in a technical gap we seek to bridge with this initiative.”
Digiheals aims to ensure patients continue to receive care in the wake of a widespread cyberattack on a medical facility — like those that have caused hospitals to close their doors permanently.
By focusing on cutting-edge security protocols, vulnerability detection, and automatic patching, this effort seeks to reduce the ability for bad actors to attack digital health software and enable the prevention of large-scale cyberattacks. In addition to addressing cybersecurity vulnerabilities, the project aims to identify and fix software-related weaknesses that affect patient safety and experience.
“By adapting and extending security, usability, and software assurance technologies, this digital health security effort will play a crucial role in addressing vulnerabilities in health systems,” said Andrew Carney, ARPA-H program manager, in a statement. “This project will also help us identify technical limitations of future technology deployments and contribute to the development of new innovations in digital security to better keep our health systems and patients’ information secure.”
Proposals for Digiheals must be submitted through the Scaling Health Applications Research for Everyone (SHARE) Broad Agency Announcement (BAA).