Healthcare industry group builds cybersecurity threat center
Network World - Looking to address growing cybersecurity threats in the healthcare industry the Health Information Trust Alliance today said it has established a centralized Cybersecurity Incident Response and Coordination Center where organizations can report incidents and get help remediating electronic medical security problems.
The 5-year-old HITRUST group -- which is led by an amalgamation of healthcare and computing industry giants such as WellPoint, Kaiser Permanente and Cisco -- said it created the center with an eye toward helping the U.S. healthcare industry battle cyberattacks with timely alerts and by sharing of relevant cybersecurity threat and event information.
IN PICTURES: High-tech healthcare technology gone wild
"The group will focus on cybersecurity threats and events targeted at healthcare organizations in areas, including, but not limited to, networks, mobile devices, workstations, servers and medical devices. This sharing of information is crucial for organizations' preparedness, protection and crisis management," the group stated.
"The center is working initially with 14 leading industry organizations, representing health plans and health systems, and the U.S. Department of Health and Human Services to share various security incident information. The center will collaborate with HITRUST and others to identify and remediate incidents, and will also obtain and synthesize cyber threat and response information from numerous other sources to make the information more readily available to center participants. HITRUST will also lead the center's participants in evaluating appropriate tools and related security mechanisms to support the center's efforts," the group stated.
The HITRUST organization has already established what it calls a Common Security Framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information.
"As the healthcare industry continues its conversion process to full patient electronic medical records, it will most certainly become a more frequent target of cybersecurity attacks, and having such a system in place in the near future will be key to collaboratively responding and preventing such attacks," said Jorge DeCesare, chief data security administrator of Dignity Health, in a statement.
A recent Network World story helps define the cybersecurity problems healthcare organizations are facing. The article noted that a biannual survey of 250 healthcare organizations shows the percentage experiencing a patient data breach is up. And with the growth in electronic records-keeping, more of those problems are originating from laptops and mobile devices rather than a human slip-up in handling paper documents.
"Use of new technologies, in particular mobile devices in the workplace, has skyrocketed, creating new operational efficiencies and security vulnerabilities," noted the survey report, entitled the "2012 HIMSS Analytics Report: Security of Patient Data." The organization Healthcare Information and Management Systems Society also pointed out, "As mobile devices proliferate in exam rooms and administrative areas, so do the associated vectors of potential attack. Adding to this are the risks from employee negligence and organizational policies that have not kept pace with ever-changing technology."
- Google I/O 2013's Coolest Products and Services
- 10 Star Trek Technologies That are Almost Here
- 19 Generations of Computer Programmers
- 25 Must-Have Technologies for SMBs
- A walking tour: 33 questions to ask about your company's security
- 15 social media scams
- The 7 elements of a successful security awareness program
With the promise of big data (solving the unsolvable problems, informing better decision making, creating new products and services, discovering patterns and acting on them, etc.) on the horizon, what has really changed? Does this mean that everything we know and do with not-so-big data should be tossed?
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Case Study: Hospital Turns to Email Archiving Solution to Ensure Regulatory Compliances
- Read this case study to learn how a cloud-based email archiving solution enabled the hospital to meet government mandates and helps avoid thousands...
- Case Study: In-the-Cloud Email Service Replaces Three Point Products
- Read this case study for more information on a comprehensive in-the-cloud email service to help replace three point products.
- Case Study: Simplifying the Transition to Exchange 2010 with Email Management Solutions
- Read this case study to learn how a cloud-based email management solution greatly simplified the company's transition to Exchange 2010.
- Intelligent Systems: A Prescription for Health Care Transformation
- Facing an onslaught of regulatory changes and market pressures, health care providers are grappling with how to transform existing services as part of...
- The Importance of Network Time Synchronization
- Your network is time stamping files, email, transactions, etc., while your server logs are recording the transactions in case you need that information.... All Healthcare IT White Papers
- Becoming An Analytics Driven Organization
- Join us on Tuesday, June 18, 2013, 11:00 AM EDT and learn how your agency can create an analytics culture that will enable...
- 3 Reasons Why Sepaton is the World's Fastest Backup Solution
- Leading analyst, Storage Switzerland learns how Sepaton backs up and deduplicates massive data volumes while maintaining the industry's fastest performance - all in...
- Enterprise File Sharing: All You Need to Know
- Security. Scalability. Control. These are just some of the many benefits of enterprise cloud file-sharing that you'll discover in this KnowledgeVault, packed with...
- Bridging HTTP and FTP with FileXpress Internet Server
- What if you could take an FTP server on your internal network, and allow external users (partners or customers) to securely access it...
- MFT and FileXpress - An Overview
- Business users and applications exchange files on a regular basis. File transfer is a core part of the flow of business activity. All Healthcare IT Webcasts