Healthcare industry group builds cybersecurity threat center
Network World - Looking to address growing cybersecurity threats in the healthcare industry the Health Information Trust Alliance today said it has established a centralized Cybersecurity Incident Response and Coordination Center where organizations can report incidents and get help remediating electronic medical security problems.
The 5-year-old HITRUST group -- which is led by an amalgamation of healthcare and computing industry giants such as WellPoint, Kaiser Permanente and Cisco -- said it created the center with an eye toward helping the U.S. healthcare industry battle cyberattacks with timely alerts and by sharing of relevant cybersecurity threat and event information.
IN PICTURES: High-tech healthcare technology gone wild
"The group will focus on cybersecurity threats and events targeted at healthcare organizations in areas, including, but not limited to, networks, mobile devices, workstations, servers and medical devices. This sharing of information is crucial for organizations' preparedness, protection and crisis management," the group stated.
"The center is working initially with 14 leading industry organizations, representing health plans and health systems, and the U.S. Department of Health and Human Services to share various security incident information. The center will collaborate with HITRUST and others to identify and remediate incidents, and will also obtain and synthesize cyber threat and response information from numerous other sources to make the information more readily available to center participants. HITRUST will also lead the center's participants in evaluating appropriate tools and related security mechanisms to support the center's efforts," the group stated.
The HITRUST organization has already established what it calls a Common Security Framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information.
"As the healthcare industry continues its conversion process to full patient electronic medical records, it will most certainly become a more frequent target of cybersecurity attacks, and having such a system in place in the near future will be key to collaboratively responding and preventing such attacks," said Jorge DeCesare, chief data security administrator of Dignity Health, in a statement.
A recent Network World story helps define the cybersecurity problems healthcare organizations are facing. The article noted that a biannual survey of 250 healthcare organizations shows the percentage experiencing a patient data breach is up. And with the growth in electronic records-keeping, more of those problems are originating from laptops and mobile devices rather than a human slip-up in handling paper documents.
"Use of new technologies, in particular mobile devices in the workplace, has skyrocketed, creating new operational efficiencies and security vulnerabilities," noted the survey report, entitled the "2012 HIMSS Analytics Report: Security of Patient Data." The organization Healthcare Information and Management Systems Society also pointed out, "As mobile devices proliferate in exam rooms and administrative areas, so do the associated vectors of potential attack. Adding to this are the risks from employee negligence and organizational policies that have not kept pace with ever-changing technology."
Pilot fish is trying to help a woman who runs a daycare center -- and since all she wants to do is publish a 30-page online handbook for parents, how hard will that be?
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Security, Privacy and Trust in Email Management
- This white paper discusses a SaaS-based email management solution that delivers the security, continuity and archiving capabilities your organization demands.
- The Total Cost of Email
- In this white paper, we'll explore the true costs of fragmented email management and uncover how to reduce those costs with a cloud-based...
- Balancing Security, Compliance and Cost: the Prescription for Healthcare Email Management: Move to the Cloud
- Learn how cloud-based technologies for core productivity tools such as email and collaboration can help healthcare organizations be more efficient with IT dollars...
- Email Security Checklist: Eight Steps for Healthcare Organizations
- Don't let fear of violating Healthcare Insurance Portability and Accountability Act (HIPAA) codes prevent you from using email to communicate sensitive information.
- Seven questions you must ask before choosing your patient portal solution
- By asking the right questions and connecting the right stakeholders, you can ensure that you implement a true community solution that will improve... All Healthcare IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Healthcare IT Webcasts