June 13, 2025
By Rebekah Glick, MPA, Policy Analyst, California Telehealth Resource Center
If you’re a telehealth provider in California, chances are you’ve got a lot on your plate—patient care, documentation, scheduling, billing, and more. Cybersecurity may not be the top priority on your list, but it should be.
Why? Because cyberattacks are rising in healthcare, and telehealth providers—especially small clinics and solo practices—are increasingly in the crosshairs. These cyberattacks can be devastating not only in terms of the impact on patients whose personal data is shared with bad actors, but also in terms of the cost to the provider. Many health care providers in rural and low resourced areas are just trying to keep their doors open, and one cyberattack could be the difference between being able to continue supporting your community or being forced to shut down.
But the good news is, you don’t need an advanced degree in cybersecurity or IT to take action today. Here are five tools and resources you can start using today to protect your practice, your patients, and your peace of mind.
Start with a free security checkup from CISA.
The Cybersecurity & Infrastructure Security Agency (CISA) offers free cybersecurity hygiene services to help organizations learn about potential threats, reduce exposure, and take a proactive approach to mitigating cybersecurity risks.
The CISA Cyber Hygiene service is free – click here for more information and to enroll today!
Read the HSCC’s Securing Telehealth and Telemedicine Guide
This free resource from the Health Sector Coordinating Council’s Cybersecurity Working Group is geared towards professionals in healthcare and IT, particularly for telehealth and telemedicine providers. It provides best practices around cybersecurity and telehealth and an overview of relevant policies and regulations. Contents include:
- Why Telehealth is a target in cyberspace
- The major types of attacks against telehealth systems
- Ways to assess or evaluate a telehealth program
- Implementing and maintaining a telemedicine program
Prepare Using the HSCC’s Cyber Incident Response Executive Checklist
Even with all of the right policies and procedures in place, things can go wrong. It is critical for telehealth providers to respond quickly and effectively when this happens. The free Cyber Incident Response Executive Checklist from HSCC provides a checklist to help executives of health care providers move through:
- Incident response
- Business continuity
- Communications (both internal and external)
Get involved with CTRC
Telehealth doesn’t have to mean working in isolation. The California Telehealth Resource Center (CTRC) is here to help with any technical assistance you require. If you have any questions about making sure your organization is cybersecure, you can contact us here.
Bottom line: You don’t have to do everything at once—but doing something today matters. Cybersecurity is a journey. Start small, use the tools already available, and build a stronger, safer system for your patients and your practice.
To learn more or request technical assistance, visit www.caltrc.org or reach out to our team directly.
Leave a Comment