- The recently appointed Healthcare Cybersecurity Task Force is hoping that a crowdsourcing approach will draw in the necessary advice and insight for how the group can best implement change to keep the healthcare industry secure against evolving threats.
The Task Force was created under the Cybersecurity Information Security Act of 2015. Representatives were selected by the Secretary of Health & Human Services, in coordination with the Department of Homeland Security and the National Institutes of Standards and Technology.
Members are expected to analyze how other industries are strengthening their cybersecurity approach, and then develop recommendations to apply across the healthcare industry.
Task Force Member Fred Trotter explained in a recent blog post that he and the other members are reaching out to those in the healthcare industry through platforms like The Health Care Blog, Reddit and Twitter.
“Our Task Force is asking the healthcare, patient and technology communities for help in this assignment,” Trotter wrote. “We are taking a crowdsourcing approach to cybersecurity ideation so we can aggregate and assess what people have to say about these issues.”
Trotter explained that while the Task Force might disagree with some input, or that some advice might not adhere to the federal mandates, the group will do its best to listen to all suggestions.
“Cybersecurity in healthcare is too complex for any small group to understand completely, and too important for any group to pretend that they can,” Trotter stated. “We need advice. And we will listen to anyone who has the advice to give and the time to give it.”
According to the Cybersecurity Information Sharing Act, the Task Force must complete the following tasks:
- Analyze other industries’ strategies and approaches to combating cybersecurity threats
- Analyze the challenges and barriers private healthcare entities face
- Review networked medical device security challenges, as well as challenges in protecting EHRs
- Determine how stakeholders can better prepare for and respond to cybersecurity threats
- Establish healthcare cybersecurity information sharing plan for Federal agencies and the industry
- Submit a final report to Congress
Trotter reiterated that the Task Force is willing to listen to any responses, and also urged individuals to reach out through social media outlets.
“If you think you have special insights on how best to protect the healthcare system from cybersecurity threats, please let us know, ASAP,” he said. “We are already feeling the deadline for our report to Congress looming.”
Just earlier this month it was announced that CHIME board member Theresa Meadows, R.N., CHCIO was named Task Force co-chair.
Information sharing will be especially important in improving the healthcare industry’s cybersecurity measures, Meadows said in an earlier statement.
“Healthcare is different from any other industry,” said Meadows, who is also senior vice president and CIO at Cook Children’s Health Care System in Fort Worth, Texas. “We have multiple sectors that comprise one big sector, each with different vantage points and resources.”
Information sharing must work for everyone, she added. Individuals need to not only receive the data, but they must also understand what to do with it once they receive it.