Press & Releases

 

Wellness plan recommends implementing enterprise and industry-wide goals by 2029 on the imperative that Cyber Safety is Patient Safety.

Washington, DC – February 16, 2024 – The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group today published a guide for health providers and companies to coordinate privacy and cybersecurity functions for improved overall compliance and operational efficiencies and effectiveness. It is found here: https://healthsectorcouncil.org/privacy-security-coordination/

The Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) has worked with HHS, CISA and other federal agencies over the past several years to develop leading cybersecurity practices that are provided to all health organizations in the ecosystem. Today’s release of the HPH Cyber Performance Goals (CPGs) is the next iteration of that partnership. The CPGs amplify the recognition among health providers – large, medium and small – that cyber safety is patient safety, and that focused investment and accountability are imperative to inoculate our data, systems and patients against the rising epidemic of cyber-attacks on the sector. This accountability in turn must be supplemented with government and industry assistance to those under-resourced health systems that accept their cybersecurity responsibility for protecting patient safety as a national imperative but are financially and operationally constrained.

HIC-STAT identifies cyber risks and best practices associated with the use of telehealth and telemedicine, and summarizes the policy and regulatory underpinnings for telehealth/telemedicine cyber risk management. It is targeted for senior executives in healthcare and IT, telehealth service and product companies, and regulators.

MVCT is a toolkit written to provide specific tools to medical device manufacturers and software developers for creating cybersecurity vulnerability communications related to their products or services. This toolkit focuses on vulnerability communications directed to non-security professionals, including clinicians, patients, users, and other readers not familiar with cybersecurity and connected technologies. It is intended to help medical device manufacturers formulate and communicate vulnerability disclosures that all affected audiences, including nontechnical stakeholders, can understand.

The HIC-SCRiM is a toolkit for small to mid-sized healthcare institutions to better ensure the security of the products and services they procure through an enterprise supply chain cybersecurity risk management program.

The HIC-PIC is a white paper with guidance for how healthcare organizations can protect trade secrets, medical research and other innovation capital from cyber theft.