HSCC issues guide to promote cyber secure medical devices, health IT

Jan 28, 2019 - 03:01 PM
Symantic cyberattack. A woman typing on a laptop and on her mobile phone responding to a cyberattack.

The Healthcare and Public Health Sector Coordinating Council (HSCC) today released a consensus-based guide to developing, deploying and supporting cyber-secure medical devices and health information technology across the product lifecycle and improving information sharing between manufacturers and health care organizations. A public-private partnership of health care companies and providers developing collaborative solutions to mitigate threats to critical health care infrastructure, HSCC developed the Medical Device and Health IT Joint Security Plan in response to 2017 recommendations by the Health Care Industry Cybersecurity Task Force. “The goal of this effort was to align cybersecurity priorities and processes between medical device manufactures and health care providers to lower the cybersecurity risk in medical devices,” said Kevin McDonald, co-chair of the initiative and director of clinical information security at Mayo Clinic. “By creating this alignment we can strengthen the security of medical technology against cyber threats, improve cyber risk management within health care organizations, and better protect patient safety.” Feedback on the plan, which will be updated as needed to adapt to the changing threat environment, may be emailed to JSPFeedback@HealthSectorCouncil.org. 

Related News Articles

Headline
Agencies release guide to protect against bulletproof hosting provider cybercrimes 
U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet…
Headline
HSCC issues guidance for updated cybersecurity model contract language for health care organizations, medical device manufacturers
The Health Sector Coordinating Council’s Cybersecurity Working Group Nov. 18 released a best practices guide for health care organizations and medical device…
Headline
Agencies release updated guidance to combat Akira ransomware following recent attacks
A joint advisory issued yesterday by U.S. and international agencies provides updated guidance to defend against the Akira ransomware group, which…
Headline
Agencies release guidance on Microsoft Exchange server best practices
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners released joint guidance Oct. 30 on best practices for…
Headline
Microsoft issues security update addressing critical vulnerability impacting Windows server services 
Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update…
Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…