Brief description of LHD: Tri-County Health Department (TCHD) serves over 1.5 million people in Adams, Arapahoe and Douglas Counties in Colorado, from 11 offices in a 3,000 square mile area. TCHD employs approximately 400 public health professionals and offers over 60 programs/services ranging from birth certificates, immunizations and health care referrals to restaurant inspections and infectious disease investigations. The agency’s jurisdiction includes 26 municipalities and 3 unincorporated counties, 15 school districts with more than 360 public schools, 12 acute care hospitals, 3 Federally Qualified Healthcare Centers with multiple facilities, and 3 community mental health service providers. Public Health Issue: Cyberattacks on health care facilities emerged as a major issue in 2017 with the global “WannaCry” ransomware outbreak. Although public health agencies were not a direct target in this episode, they have been subject to security breaches, an issue addressed by The Nations Health publication of the American Public Health Association in a recent article entitled Public health increasingly facing cybersecurity threats: Health field a top target for attacks which noted that “while hospitals and health care systems work to beef up their defenses against cyberattacks, more hackers may see public health as a soft target.” Goals and Objectives: With the growing urgency of this problem, TCHD is committed to protecting all types of data that is housed within the organization and takes cyber threats very seriously. The goal was to create a layered security infrastructure that would combat external and internal threats to TCHD data, while also protecting against data loss, corruption, or theft. • Objective 1: Protect against Malware and Viruses from External Sources. • Objective 2: Protect against internal attacks or breaches. • Objective 3: Secure all TCHD data from loss, corruption, or theft. Implementation: With the prevalence of cyber-attacks, phishing scams and ransomware targeted specifically at health care organizations, TCHD’s Information Technology Team implemented a five-phase protection program to upgrade and secure all internal systems against these threats. • Phase 1: Inbound Cloud Protection for all Email. • Phase 2: Externally Facing Firewall. • Phase 3: On Premise Email Scrubbing Appliance. • Phase 4: East – West Internal Firewall. • Phase 5: PC Endpoint Protection. Intended / Actual Outcomes: The intended outcome was to ensure that multiple layers of security were implemented to properly protect against cyber security threats. Actual outcomes have demonstrated that the LNS model was able to protect TCHD against the massive “WannaCry” ransomware outbreak, while several health care facilities were severely impacted. In addition, no HIPAA related breaches have occurred due to the Digital Leak Prevention technology that scans all outbound file transfers to ensure they are free of Personal Health Information (PHI) or Personally Identifiable Information (PII) data. Additionally, the firewall utilized by TCHD is configured with GEO Protection, a mechanism which allows the organization to drop inbound requests originating in countries that frequently perform cyber-attacks, network probing, or attempts to gain entry into systems. After activating GEO protection based upon the research of which countries frequently attacked TCHD systems, network attacks dropped from a high of over 5,000 attacks per week, to just under an average of 12 per week. With less potential attacks to contend with, TCHD systems are more secure, instantly blocking a connection that if left untouched could create a potential breach situation. Public Health Impact of Practice: The impact of the LNS model upon public health is ensuring that the data, which is critical to the operation of a local health department, is secured, monitored and protected. Website of LHD: http://www.tchd.org