HSCC issues guide to promote cyber secure medical devices, health IT

Jan 28, 2019 - 03:01 PM
Symantic cyberattack. A woman typing on a laptop and on her mobile phone responding to a cyberattack.

The Healthcare and Public Health Sector Coordinating Council (HSCC) today released a consensus-based guide to developing, deploying and supporting cyber-secure medical devices and health information technology across the product lifecycle and improving information sharing between manufacturers and health care organizations. A public-private partnership of health care companies and providers developing collaborative solutions to mitigate threats to critical health care infrastructure, HSCC developed the Medical Device and Health IT Joint Security Plan in response to 2017 recommendations by the Health Care Industry Cybersecurity Task Force. “The goal of this effort was to align cybersecurity priorities and processes between medical device manufactures and health care providers to lower the cybersecurity risk in medical devices,” said Kevin McDonald, co-chair of the initiative and director of clinical information security at Mayo Clinic. “By creating this alignment we can strengthen the security of medical technology against cyber threats, improve cyber risk management within health care organizations, and better protect patient safety.” Feedback on the plan, which will be updated as needed to adapt to the changing threat environment, may be emailed to JSPFeedback@HealthSectorCouncil.org. 

Related News Articles

Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
Agencies warn of state-sponsored cyberattacks from Russia, China
U.S. and international agencies are warning of potential cyberattacks on health care and other critical infrastructure from state-sponsored cyber actors in…
Headline
CISA alerts of critical vulnerability impacting free program used for building user interfaces 
A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s…
Headline
FDA announces digital health services pilot 
The Food and Drug Administration announced Dec. 5 that it will launch the Technology-Enabled Meaningful Patient Outcomes for Digital Health Devices Pilot, or…
Headline
Resources available to help detect malicious AI schemes
The FBI has public resources available to help prevent exploitation by cybercriminals, who use artificial intelligence for deception. An infographic by the FBI…
Headline
NIST says critical vulnerability found in 7-Zip archiving software
A critical vulnerability has been identified in 7-Zip, a free software program used for archiving data, according to the National Institute of Standards and…