Texas provider takes the lead on plan to share cybersecurity threat info
After calls to launch a national cyberthreat information sharing system, the Department of Health and Human Services (HHS) has taken the first steps with a $150,000 grant to a Texas provider.
Harris Health System will help HHS develop and improve ways to share cybersecurity threat information and offer the healthcare sector better protection.
President Barack Obama signed an advisory executive order in February which encouraged the development of central clearinghouses, the government to share data and the creation of centers where data can be shared across specific geographic regions.
“Over the past decade, healthcare stakeholders have implemented a health information technology infrastructure to access, send and receive electronic health data,” said Jeffrey Vinson, Harris Health's vice president and chief information security officer, in a release. “However, unlike other industries such as finance, which have already been transformed by technology, many healthcare organizations have not invested sufficiently in robust IT security measures that can protect and encrypt health data in electronic
Through the grant, Harris Health will identify the cybersecurity information needs and gaps of hospitals and other healthcare organizations, according to Steve Curren, director of the critical infrastructure protection program in HHS' office of the assistant secretary for preparedness and response.
Then, the provider organization “will propose a strategy for enhancing the sharing of cybersecurity information among the federal government and private sector partners to better protect the critical cyber infrastructure of the nation’s healthcare system,” said Curren. “This planning grant represents a preliminary step toward future activities that HHS may undertake to work with and support information sharing and analysis organizations focused on the healthcare and public health sector.”
“A strong cyber defense strategy should address how to prepare and monitor attacks, respond and ultimately recover from breaches,” Vinson said. “At a minimum, security architecture across sectors should be able to stall adversarial efforts, thwart attacks at each phase and facilitate a rapid response.”
The grant is for one year grant. A separate contract, yet to be awarded, will focus on the actual mechanisms of sharing threat information.