Skip to main content
  • Healchcare data graphic Healchcare data graphic
    Healthcare Cybersecurity is in Critical Condition
    • HIPAA data breaches in 2023 nearly doubled to 725 since 2018.
    • Ransomware Hit 141 Hospitals in 2023 – the average ransom was $1.5M per institution.
    Upgrading to stable condition is our shared responsibility.
  • Meeting of cybersecurity professionals. Meeting of cybersecurity professionals.
    Cyber Safety is Patient Safety

    The Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) is an industry-led council of more than 400 healthcare organizations advising the government and health sector on how to protect against and recover from cyber threats to health data and research, systems, manufacturing and patient care. The CWG membership collaboratively develops and publishes freely-available healthcare cybersecurity best practices and policy recommendations, and produces outreach and communications programs emphasizing the imperative that Cyber Safety is Patient Safety.

    Photo: 2023 Semi-annual Membership Meeting — Salt Lake City.

  • Cybersecurity Strategic Plan cover Cybersecurity Strategic Plan cover
    Health Industry Cybersecurity Strategic Plan
    • Identify healthcare industry trends over the next five years.
    • Assess associated cybersecurity challenges
    • Recommend cybersecurity strategy to upgrade from “Critical Condition” to “Stable Condition” in 2029; and
    • All hands on deck – health providers, medtech and health IT, pharmaceutical, health plans and payers, and government: implement and facilitate achievement of the strategy.
Healthcare Cybersecurity is in Critical Condition
  • HIPAA data breaches in 2023 nearly doubled to 725 since 2018.
  • Ransomware Hit 141 Hospitals in 2023 – the average ransom was $1.5M per institution.
Upgrading to stable condition is our shared responsibility.

Health Sector Coordinating Council

Cybersecurity Working Group

The HSCC mission is to identify cyber and physical risks to the security and resiliency of the sector, develop guidance for mitigating those risks, and work with the government to facilitate threat preparedness and incident response.

Healthcare Cybersecurity Best Practices

By the Sector, For the Sector

You’re a health provider, medical technology or health I.T. company, pharmaceutical manufacturer, health plan or payer, public health agency; how do you want to improve your cybersecurity posture?