-
Healthcare Cybersecurity is in Critical Condition
- HIPAA data breaches in 2023 nearly doubled to 725 since 2018.
- Ransomware Hit 141 Hospitals in 2023 – the average ransom was $1.5M per institution.
Upgrading to stable condition is our shared responsibility. -
Cyber Safety is Patient Safety
The Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) is an industry-led council of more than 400 healthcare organizations advising the government and health sector on how to protect against and recover from cyber threats to health data and research, systems, manufacturing and patient care. The CWG membership collaboratively develops and publishes freely-available healthcare cybersecurity best practices and policy recommendations, and produces outreach and communications programs emphasizing the imperative that Cyber Safety is Patient Safety.
Photo: 2023 Semi-annual Membership Meeting — Salt Lake City.
-
Health Industry Cybersecurity Strategic Plan
- Identify healthcare industry trends over the next five years.
- Assess associated cybersecurity challenges
- Recommend cybersecurity strategy to upgrade from “Critical Condition” to “Stable Condition” in 2029; and
- All hands on deck – health providers, medtech and health IT, pharmaceutical, health plans and payers, and government: implement and facilitate achievement of the strategy.
- HIPAA data breaches in 2023 nearly doubled to 725 since 2018.
- Ransomware Hit 141 Hospitals in 2023 – the average ransom was $1.5M per institution.
Health Sector Coordinating Council
The HSCC mission is to identify cyber and physical risks to the security and resiliency of the sector, develop guidance for mitigating those risks, and work with the government to facilitate threat preparedness and incident response.
Press & Releases
-
Health Sector Publishes Cyber Incident Response Executive Checklist
-
HSCC Cybersecurity Working Group Q1 2024 Report
-
Health Sector Cybersecurity Working Group Testifies to House Energy and Commerce Committee with Recommendations for Preventing Future Catastrophic Cyber Attacks
-
Examining Health Sector Cybersecurity in the Wake of the Change Healthcare Attack – Congressional Testimony
-
HHS Providers Resource for Change Healthcare Recovery
-
Health Industry Publishes Guide for Medical Device and Health IT Security
-
Healthcare Sector Coordinating Council Cybersecurity Working Group Charter
-
Health Sector Coordinating Council publishes Five-Year Health Industry Cybersecurity Strategic Plan (HIC-SP) – 2024-29
Publications
-
Cyber Incident Response Executive Checklist
-
JSP2 Infographic
-
Medical Device and Health IT Joint Security Plan version 2 (JSP2)
-
HSCC MEDTECH JSP 2.0 Overview
-
Health Sector Statement of Support for Improving Cyber Safety to Protect Patient Safety
-
HSCC Health Industry Cybersecurity Strategic Plan Overview
-
HSCC Health Industry Cybersecurity Strategic Plan FAQ
-
Health Industry Cybersecurity Strategic Plan 2024-2029