Membership In The Healthcare Sector Coordinating Council Cybersecurity Working Group
About the HSCC
The Healthcare and Public Health Sector Coordinating Council (HSCC) is a coalition of private-sector critical healthcare infrastructure entities organized under Presidential Policy Directive 21 to partner with government in the identification and mitigation of strategic threats and vulnerabilities facing the sector’s ability to deliver services and assets to the public.
About the HSCC Joint Cybersecurity Working Group
The HSCC Joint Cybersecurity Working Group (JCWG) is a standing working group of the HSCC, composed of more than 420 industry, government and advisor organizations working together to identify and mitigate emerging and ongoing cybersecurity challenges to the health sector. Reference to “CWG” means the industry-only component of the membership and “JCWG” refers to the joint membership that includes government participation in meetings and deliverables.
Voting Member Eligibility Criteria
The HSCC CWG charter identifies Regular (Voting) Members as: 1) “covered entities” or “business associates” as defined by HIPAA; 2) companies whose technology and products (medical devices, pharmaceuticals and life sciences) are regulated by FDA; 3) health plans and insurance; 4) health I.T. organizations subject to interoperability requirements; 5) public health agencies; and 6) the industry associations that represent eligible members. Voting Members are eligible to vote for and hold leadership positions, and vote as necessary on work products that come before the full working group.
These eligibility criteria align with the definition of “critical infrastructure owners and operators” as promulgated by the Cybersecurity and Infrastructure Security Agency which oversees the national public private partnership that involves HSCC and all other critical infrastructure sectors. Specifically, “critical infrastructure owners and operators are those entities that own and invest in infrastructure assets, in the systems and processes to secure them, and that are held responsible by the public for their operations and response and recovery when their infrastructures or key resources are disrupted.”
Skill sets among member representatives in the HSCC CWG are multi-disciplinary, including those responsible for:
- Cyber risk management
- Information and data management
- Information technology (IT) and operational technology (OT)
- Patient safety
- Product security
- Privacy and security compliance
- Policy, regulatory and legal affairs
Advisor Member Criteria
Vendors, consultants, law firms or others that do not meet Voting Member criteria are in the “Advisor” category of membership and as such may participate in task group activities at the invitation from the CWG Leadership (chair, vice chair, executive committee, task group leaders). The condition for Advisors’ participation is that they must not use the SCC as a platform for business development or seek to steer best practices, recommendations or other work product toward any proprietary solutions that are commercially beneficial to the Advisor or other Voting Members or Advisors. Advisor member organizations are capped at 15% of the Voting membership, and are assessed for continued membership every year based on participation records.
HSCC CWG Charter
All Members and Advisors of the CWG agree as a condition of membership to abide by the terms of the CWG Charter. Membership in the HSCC is by Organization, with individual staff and executives serving as representatives of the member enterprise. Each member organization shall designate a primary point of contact to coordinate member engagement with the HSCC and secretariat.
Cost to Join
As a condition for our serving as a recognized advisory council to the government, the HSCC is not permitted to charge dues, which can be considered exclusionary against organizations that may not have the resources but otherwise meet eligibility criteria. The only cost to joining may be considered “sweat equity.” Active participation is expected and beneficial to all involved, but not compulsory for Voting Members. Advisor members are expected to participate in at least 50% of the active task group(s) they have joined.
How to Enroll
For more information and to inquire about joining, please contact us.