Author: Allison Burke

Health Sector Publishes Medical Product Manufacturer Cyber Incident Response Playbook

Written by Allison Burke on November 13, 2024. Posted in Press & Releases.

Medical Product Manufacturer Cyber Incident Response Playbook (MPM CIRP)

Written by Allison Burke on November 13, 2024. Posted in Publication Downloads.

The Medical Product Manufacturer Cyber Incident Response Playbook (MPM CIRP) is a comprehensive guide that provides information, step-by-step recommendations, and processes for medical product manufacturers to use in responding to manufacturing cyber incidents.

HHS Providers Resource for Change Healthcare Recovery

Written by Allison Burke on March 26, 2024. Posted in Press & Releases.

In light of continuing concerns expressed by health providers about their difficulty getting answers from healthcare plans about the availability of prospective payments or the flexibilities while the Change Healthcare platform is unavailable, HHS asked health plans to provide specific national contact information that providers can use when they need this information. The attached letter from HHS with an appendix for Plan/Payer contact information is made widely available and should be shared with providers who need it. HHS also advises that if a provider has a regional point of contact for your health plan, they suggest you reach out to them first. If you reach out to these contacts and do not receive a response, please contact HHS at HHScyber@hhs.gov.

Health Sector Publishes Privacy and Security Coordination Guide

Written by Allison Burke on February 16, 2024. Posted in Press & Releases.

Washington, DC – February 16, 2024 – The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group today published a guide for health providers and companies to coordinate privacy and cybersecurity functions for improved overall compliance and operational efficiencies and effectiveness. It is found here: https://healthsectorcouncil.org/privacy-security-coordination/

HIC Coordinated Privacy Security Partnerships

Health Industry Cybersecurity – Coordinated Privacy Security Partnerships (HIC-CPSP)

Written by Allison Burke on February 16, 2024. Posted in Publication Downloads.

This resource highlights the ways that enterprise Privacy and Security functions can proactively and cohesively work together through the use of shared executive sponsorship, combined governance, and tabletop exercises, among other coordination techniques.

Medtech Vulnerability Communications Toolkit (MVCT)

Written by Allison Burke on October 17, 2023. Posted in Publication Downloads.

MVCT is a toolkit written to provide specific tools to medical device manufacturers and software developers for creating cybersecurity vulnerability communications related to their products or services. This toolkit focuses on vulnerability communications directed to non-security professionals, including clinicians, patients, users and other readers not familiar with cybersecurity and connected technologies. It is intended to help medical device manufacturers formulate and communicate vulnerability disclosures that all affected audiences, including nontechnical stakeholders, can understand.

HSCC Cyber Working Group Q3 2023 REPORT PUBLIC

HSCC Cybersecurity Working Group Q3 2023 Progress Report

Written by Allison Burke on October 11, 2023. Posted in Progress Report.

To: HSCC Joint Cybersecurity Working Group
From: Erik Decker, Industry Chair

Health Industry Cybersecurity – Securing Telehealth and Telemedicine (HIC-STAT)

Written by Allison Burke on October 1, 2023. Posted in Publication Downloads.

HIC-STAT identifies cyber risks and best practices associated with the use of telehealth and telemedicine, and summarizes the policy and regulatory underpinnings for telehealth/telemedicine cyber risk management. It is targeted for senior executives in healthcare and IT, telehealth service and product companies, and regulators.

Health Industry Cybersecurity Tactical Crisis Response Guide (HIC-TCR)

Written by Allison Burke on August 31, 2023. Posted in Publication Downloads.

The HIC-TCR is a tactical guide to advise health providers on tactical response activities for managing the cybersecurity threats that can occur during an emergency, such as the COVID-19 Pandemic.

Health Industry Cybersecurity – Matrix of Information Sharing Organizations (HIC-MISO)

Written by Allison Burke on August 1, 2023. Posted in Publication Downloads.

The HIC-MISO identifies many of the cybersecurity information sharing organizations and their key services, as health organizations are beginning to understand the importance of cybersecurity information sharing and implementing information sharing systems.

Health Sector Comments CISA Baseline CPG

HSCC Comment Letter on CISA Cross-Sector Cybersecurity Performance Goals

Written by Allison Burke on August 4, 2022. Posted in Publication Downloads.

The HSCC Cybersecurity Working Group advises CISA to recognize the many cybersecurity tools and resources developed specifically for the health sector, and that any CISA Common Baseline Cybersecurity Performance Goals should align closely to these health sector resources to minimize confusion in the sector about the preferred frameworks to implement.

The letter was developed by members of the Measurement and Policy Task Groups, and the CWG Executive Committee.

The Future of Secure Healthcare Systems Podcast

Written by Allison Burke on July 6, 2022. Posted in Community Contributions, Press & Releases.

The intersection between cybersecurity and healthcare can sometimes be a complicated gray area for people that don’t know much about this topic. In this episode, we talk with Erik Decker, the Chief Information Security Officer at Intermountain Healthcare, a mastermind leader in cybersecurity in the healthcare field. When it comes to the healthcare sector, Erik reflects on how technology has to keep up with the pace we are now running in, addressing threats around cybersecurity and the relationship between AI and machine learning in this topic.