https://www.healthcareitnews.com/news/security-chief-touts-value-hicp-cyber-preparedness-cookbook-recipes-readiness
By Mike Miliard
Healthcare IT News
November 20, 2019
In December of 2018, the U.S. Department of Health and Human Services
published a four-part document known as Health Industry Cybersecurity
Practices: Managing Threats and Protecting Patients.
The document, known by the acronym HICP (and pronounced like the reflexive
sound one might make after eating too quickly), offers extensive voluntary
cybersecurity tips and best practices to help healthcare organizations –
whatever size or shape they might be, and wherever they are with their
security readiness – some tried-and-true advice and achievable steps to
take to improve their posture.
As required by Cybersecurity Act of 2015, section 405(d), HICP was drafted
to help hospitals and medical practices more cost-effectively mitigate
their cybersecurity risks. It was a two-year effort, compiled by 150
healthcare and infosec experts, from the public and private sectors.
One of them was Erik Decker, chief security and privacy officer at
University of Chicago Medicine, who served as industry co-lead on the
project.
"We heard loud and clear through this process that providers need
actionable and practical advice, tailored to their needs, to manage modern
cyber threats," Decker explained upon HICP's publication in 2018. "That is
exactly what this resource delivers; recommendations stratified by the
size of the organization, written for both the clinician as well as the IT
subject matter expert."
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
