October is Cybersecurity Awareness Month. The 2025 theme is “Building a Cyber Strong America,” highlighting the need to strengthen the country’s infrastructure against cyber threats and ensure resilience and security. In recognition of healthcare’s rising threat profile and the urgent need to shore up cybersecurity industry-wide, the EHR Association shares the following statement:

Cybersecurity Awareness Month is an ideal opportunity to highlight the healthcare industry’s unique security risks, in particular the dual threat we collectively face from the highly valuable patient data held in our health IT systems, as well as the critical dependencies that directly impact patient care. Health data is a top target for nefarious actors, and a single cyber incident can cause lasting harm by disrupting operations, delaying treatments, and jeopardizing lives. To reduce the industry’s risk profile, the EHR Association advocates for stronger protections and realistic, risk-based implementations of security safeguards that enhance resilience without overwhelming resource-constrained hospitals, health systems, and other provider organizations.

– EHR Association Privacy & Security Workgroup