× Business
TelecomHealthcareDigital MarketingERPRetailMedia and EntertainmentOil and GasFood and BeveragesMarketing and AdvertisingBanking and InsuranceMetals and MiningLegalComplianceCryptocurrency
Big DataCloudIT ServiceSoftwareMobileSecurityNetworkingStorageCyber SecuritySAPData AnalysisloTBio TechQuality AssuranceEducationE-commerceGaming and VFXArtificial Intelligencescience-and-technology
Cisco DATABASE Google IBM Juniper Microsoft M2M Oracle Red hat Saas SYMANTEC
CEO ReviewCMO ReviewCFO ReviewCompany Review
Startups Opinion Yearbook Readers Speak Contact Us

HHS releases voluntary guidance for healthcare organizations

siliconreview HHS releases voluntary guidance for healthcare organizations

The United States Department of Health and Human Services, a cabinet-level department of the U.S. federal governmentreleased a four-volume report, voluntary guidance for healthcare organizations. The report is titled “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients.” A team of more than 150 cybersecurity and healthcare experts developed the HICP report, mandated under the Cybersecurity Act of 2015.

According to HHS, combating cyberattacks is as difficult as fighting a deadly virus. It requires mobilization and coordination of resources across mass stakeholders (both public and private) to mitigate risks. The stakeholders include IT vendors, hospitals, medical device manufacturers etc.The average cost of a data breach per healthcare firm is $2.2 million which is alarming enough to take actions as per the HHS report.

“Healthcare industry is truly a varied digital ecosystem,” said Erik Decker, privacy officer for the University of Chicago Medicine. In this sector, particularly, practical advice is required, tailored to organizations’ needs which will help them to manage cyber threats. Hence, authors have included recommendations for the c-suite, as well as IT experts. HHS officials stress the importance of private-public partnerships to protect critical infrastructure. They have also planned to create awareness programs and to implement the suggested cybersecurity practices.

It is everyone’s responsibility to look after cybersecurity and each organization must leverage the value of partnerships among government and stakeholders to collaboratively deal with the problems.