Demo Request
X Close Search

How can we assist?

Censinet Delivers Comprehensive Support for New HHS Cybersecurity Performance Goals, Accelerates Coverage and Compliance

HPH Cybersecurity Performance Goals

Censinet Delivers Comprehensive Support for New HHS Cybersecurity Performance Goals, Accelerates Coverage and Compliance

Purpose-Built for Healthcare, Censinet Accelerates Coverage and Compliance Across All CPGs; Maximizes Speed to Identify, Assess, and Mitigate Third-Party Risks


BOSTON, MA – JANUARY 25, 2024 – Censinet, the leading provider of healthcare risk management solutions, today announced delivery of comprehensive support for healthcare organizations to assess, manage, and improve coverage and compliance for the full set of Healthcare and Public Health Sector Cybersecurity Performance Goals (HPH CPGs), released yesterday by the The U.S. Department of Health and Human Services (HHS). In the release, HHS provided 10 Essential and 10 Enhanced voluntary HPH CPGs to help healthcare organizations “prioritize implementation of high-impact cybersecurity practices”, strengthen industry cyber resiliency, and protect patient safety from escalating cyber threats. 

“Censinet applauds HHS for releasing the HPH Cybersecurity Performance Goals to help accelerate our industry’s path toward stronger cyber maturity and resiliency,” said Ed Gaudet, CEO and Founder of Censinet. “Censinet is ready to deliver comprehensive support to all healthcare organizations to assess, improve, and demonstrate overall HPH CPG coverage, and implement many of the specific third-party risk and incident response-related CPGs.” 

Censinet and leading healthcare cybersecurity experts, including Erik Decker, Chief Information Security Officer, Intermountain Health, and John Riggi, National Advisor for Cybersecurity and Risk, American Hospital Association, will host a webinar on February 21 at 11am ET to discuss the new HPH CPGs, the implications for healthcare organizations, recommendations for adoption, and the potential regulatory timeline – register here.

“Today’s release is exemplary of the public-private partnership at work,” said Erik Decker, Chairman of the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group. “These CPGs leverage five years of work with the release of HICP and offer clarity and direction to our industry on key and necessary cybersecurity practices.”

The HPH CPGs are based on the Cybersecurity and Infrastructure Security Agency (CISA) Cross-Sector CPGs, NIST Cybersecurity Framework (CSF), Health Industry Cybersecurity Practices (HICP), and other cybersecurity best practices, frameworks, and guidelines. Per the release, the HPH CPGs “directly address common attack vectors against U.S. domestic hospitals as identified in the 2023 Hospital Cyber Resiliency Landscape Analysis.” The 10 Essential HPH CPGs are “foundational practices” enabling healthcare organizations to better protect and respond to cyberattacks, while the 10 Enhanced CPGs are “advanced practices” to drive greater cybersecurity maturity and resiliency. 

“Censinet gives our organization a significant headstart on maintaining compliance with these new HHS Cybersecurity Performance Goals,” said Aaron Miri, SVP and Chief Digital & Information Officer at Baptist Health. “With its unique automation and capabilities purpose-built for healthcare, Censinet helps make it achievable for health systems to meet the requirements of the CPGs."

“The HHS Cybersecurity Performance Goals represent a pivotal moment for healthcare in protecting patient care from cyber threats,” said Joel Vengco, SVP and Chief Information & Digital Officer at Hartford HealthCare. “Censinet will greatly simplify our efforts to demonstrate ongoing compliance with these important new standards.”

Purpose-built for healthcare, Censinet RiskOpsTM accelerates healthcare organizations’ efforts to assess, manage, and maintain full coverage and compliance for all 10 Essential and 10 Enhanced HPH CPGs, including:

  • HPH CPG enterprise assessments with evidence capture to assess and improve organization-wide coverage levels for all 10 Essential and 10 Enhanced HPH CPGs
  • Ability to leverage completed NIST Cybersecurity Framework (CSF) or Health Industry Cybersecurity Practices (HICP) enterprise assessments – including those submitted for the 2024 Healthcare Cybersecurity Benchmarking Study – to rapidly complete HPH CPG enterprise assessments 
  • Automated, actionable guidance and trackable tasks to identify and close gaps in HPH CPG coverage
  • Risk Register to manage open risk items across all third party- and enterprise risk-related HPH CPGs 
  • Censinet RiskOps Dashboard with real-time HPH CPG coverage levels, trend reports, trackable task status, benchmarks, and Board-ready graphics 
  • Audit-ready reporting to demonstrate coverage and compliance to the Board and regulators

In addition, Censinet RiskOps enables healthcare organizations to implement comprehensive solutions for third-party and incident response-related HPH CPGs, including the Essential CPG “Vendor/Supplier Cybersecurity Requirements” and the Enhanced CPGs “Third Party Vulnerability Disclosure” and “Third Party Incident Reporting.”

To learn more about the HPH CPGs and how Censinet can help your organization assess, manage, and maintain full coverage and compliance, please email

To schedule a conversation with Chris Logan, Chief Security Officer at Censinet, to discuss how the HPH CPGs might affect your organization – including the impact on cybersecurity & risk management processes, investment planning, resource allocation, and Board governance – please email

About Censinet

Censinet®, based in Boston, MA, takes the risk out of healthcare with Censinet RiskOps, the industry’s first and only cloud-based risk exchange of healthcare organizations working together to manage and mitigate cyber risk. Purpose-built for healthcare, Censinet RiskOpsTM delivers total automation across all third party and enterprise risk management workflows and best practices. Censinet transforms cyber risk management by leveraging network scale and efficiencies, providing actionable insight, and improving overall operational effectiveness while eliminating risks to patient safety, data, and care delivery. Censinet is an American Hospital Association (AHA) Preferred Cybersecurity Provider. Find out more about Censinet and its RiskOps platform at

# # #




Briana McGann
(781) 328-4118

Slide 1

This is some text inside of a div block.
Text Link
Censinet Risk Assessment Request Graphic

Censinet RiskOps™ Demo Request

Do you want to revolutionize the way your healthcare organization manages third-party and enterprise risk while also saving time, money, and increasing data security? It’s time for RiskOps.

Schedule Demo

Sign-up for the Censinet Newsletter!

Hear from the Censinet team on industry news, events, content, and 
engage with our thought leaders every month.

Terms of Use | Privacy Policy | Security Statement | Crafted on the Narrow Land