Download:
pdf |
pdf405(d) Pretesting Questionnaire
Document Content
Form Approved
OMB No. 0990-0379
Exp. Date 09/30/2020
1. As far as presentation, what are your thoughts on the entire publication’s
look and feel?
a. Does this convey that the approach is being taken from a healthcare
perspective, not a cybersecurity perspective?
b. Is it practical and easy to understand; actionable and easy to use,
applicable to a wide range of organizations?
2. Does the Main Document do a good job of presenting information that is “eye
opening”, demonstrating how real and widespread cybersecurity threats are
to the healthcare and public health sector?
3. Does the Main Document take an approach that is too alarming?
a. Does it do a good enough job of articulating that what will follow is a
set of actions/best practices that can be taken to mitigate the threats
discussed?
4. Does this Main Document serve as a “call to action”, making the reader more
likely to continue further to better understand the best practices that can be
used to mitigate the threats discussed?
5. After reading the document, do you feel that you now know “WHAT TO
ASK”, “WHEN TO ASK”, AND “WHO TO ASK”?
6. What parts, if any, do you find are not useful (i.e. what parts would you
suggest removing)?
7. Does the Main Document provide enough information to help you determine
whether your organization falls under small, medium, or large?
According to the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information
unless it displays a valid OMB control number. The valid OMB control number for this information collection is
0990-0379. The time required to complete this information collection is estimated to average 1 hours per response,
including the time to review instructions, search existing data resources, gather the data needed, to review and
complete the information collection. If you have comments concerning the accuracy of the time estimate(s) or
suggestions for improving this form, please write to: U.S. Department of Health & Human Services, OS/OCIO/PRA,
200 Independence Ave., S.W., Suite 336-E, Washington D.C. 20201, Attention: PRA Reports Clearance Officer
�8. What actions, if any, have you/would you take(n) to apply information
learned from the entire publication into your organization’s cybersecurity
activities and plans?
a. What would make you take action on what you learned from the entire
publication?
9. Does the entire publication’s voice deliver complex concepts that are
digestible?
10. Is the length of the entire publication sufficient or too dense?
a. Could the length serve as a barrier to use, implementation, action?
General Feedback
11. Is it clear that the document provides VOLUNTARY cybersecurity guidelines
and best practices?
12. In 2-3 sentences, what are your biggest takeaways from reading the
document?
13. If this document was released today, do you feel that it provides you with a
foundation to build a stronger cybersecurity presence within your
organization?
HHS Communication
14. What communication, if any, do you receive from HHS? (HHS, FDA, OCR,
CMS, ONC, etc.)
15. What current communication received from HHS do you regularly or
sometimes read?
16. What is the best way for HHS to distribute cybersecurity related guidelines
to relevant stakeholders like you?
a. Communication channels
b. Formats
�Next Steps
17. After reading the document, what topic, if any, would you like additional
guidelines on from HHS?
18. Would you be open to providing additional feedback to future versions of the
publication?
�
| File Type | application/pdf |
| File Modified | 2018-05-30 |
| File Created | 2018-05-30 |