Below are all the published HSCC Joint Cybersecurity Working Group best practices, recommendations, and policy comment letters to date.
Best Practices and Recommendations
- June 6, 2020 – Health Sector Return-to-Work (R2W) Guidance:
This guidance compiles recommendations and considerations for managing a return-to-work (“R2W”) strategy for our healthcare institutions and companies approaching COVID phase-down, both domestically and internationally.
- May 18, 2020 – Health Industry Cybersecurity Tactical Crisis Response Guide (HIC-TCR):
The HIC-TCR is a tactical guide to advise health providers on tactical response activities for managing the cybersecurity threats that can occur during an emergency, such as the COVID-19 Pandemic.
- May 14, 2020 – Health Industry Cybersecurity Protection of Innovation Capital (HIC-PIC):
The HIC-PIC is a white paper with guidance for how healthcare organizations can protect trade secrets, medical research and other innovation capital from cyber theft.
- March 11, 2020 – Health Industry Cybersecurity Information Sharing Best Practices (HIC-ISBP):
The HIC-ISBP is a best practice guide for how healthcare organizations can set up and manage cyber threat information sharing programs for their enterprise.
- March 9, 2020 – Management Checklist for Teleworking Surge During COVID-19 Response:
The Teleworking Management Checklist is designed as a quick reference for healthcare enterprise management to consider important factors in a teleworking strategy that minimizes downtime and latency while supporting patient care, operational and I.T. security, and supply chain resilience.
- October 15, 2019 – Health Industry Cybersecurity Supply Chain Risk Management Guide (HIC-SCRiM):
The HIC-SCRiM is a toolkit for small to mid-sized healthcare institutions to better ensure the security of the products and services they procure through an enterprise supply chain cybersecurity risk management program.
- October 9, 2019 – Health Industry Cybersecurity Matrix of Information Sharing Organizations (HIC-MISO):
The HIC-MISO identifies many of the cybersecurity information sharing organizations and their key services, as health organizations are beginning to understand the importance of cybersecurity information sharing and implementing information sharing systems.
- June 17, 2019 – Health Industry Cybersecurity Workforce Guide:
The HIC Workforce Guide is a tool kit for recruiting and retaining skilled cybersecurity workforce in the healthcare sector.
- January 2, 2019 – Health Industry Cybersecurity Practices (HICP):
The HICP is a four-volume publication that seeks to raise awareness on managing cyberthreats and safeguarding patient safety for executives, health care practitioners, providers, and health delivery organizations, such as hospitals.
- January 28, 2019 – Medical Device and Health IT Joint Security Plan (JSP):
The JSP is a total product lifecycle reference guide to developing, deploying and supporting cyber secure technology solutions in the health care environment.
Policy Comment Letters
- December 31, 2019 – Comments on OIG and CMS Companion Proposed Rules RFI
- June 24, 2019 – Comments on HHS ONC Information Blocking RFI
- October 26, 2018 – Comments on HHS OIG Anti-Kickback Statute RFI
- October 17, 2018 – Comments on HHS ONC EHR Reporting Program RFI
- August 24, 2018 – Comments on HHS CMS Stark Law RFI