This outlines a framework for health delivery organizations (HDOs) and other stakeholders to plan for and respond to cybersecurity incidents around medical devices, ensure effectiveness of devices, and protect patient safety.

The healthcare sector knows how to prepare for and respond to natural disasters. It is less prepared, however, to handle cybersecurity incidents, particularly those involving medical devices. Recent global cyber attacks highlighted the need for more robust cybersecurity preparedness to execute an enhanced, effective, real-time response that enables continuity of clinical operations.

The playbook supplements existing HDO emergency management and/or incident response capabilities with regional preparedness and response recommendations for medical device cybersecurity incidents. The playbook outlines how hospitals and other HDOs can develop a cybersecurity preparedness and response framework, which starts with conducting device inventory and developing a baseline of medical device cybersecurity information.