James Scott, senior fellow at the cybersecurity think tank Institute for Critical Infrastructure Technology, praised the HHS' healthcare-specific approach to cybersecurity in an August report.
Mr. Scott wrote HHS is uniquely suited to help the Department of Homeland Security improve healthcare cybersecurity. In particular, he emphasized the Healthcare Cybersecurity and Communications Integration Center — HHS' version of Homeland Security's National Cybersecurity and Communications Integration Center — is crucial for the nation's cybersecurity strategy, despite facing public scrutiny from stakeholders who feel the center is redundant.
Here are three insights into the cybersecurity knowledge gap the center can fill.
1. Mr. Scott called the HCCIC a "quantum leap forward" in support of cybersecurity efforts in healthcare. The HCCIC does not duplicate the NCCIC, he wrote — it serves as an additional check and communication channel to ensure the utmost security of patient information.
2. The self-regulating practices for cybersecurity in the private sector have failed, but the HCCIC offers "real leadership and powerful collaboration to raise the bar," reads the report. He noted medical data is more valuable to hackers than other types of data, like financial information, even though hospitals do not always secure or encrypt medical devices.
"The economics of risk management allow organizations operating in this irresponsible manner to make short-term profits while shirking essential security requirements, transferring risk to consumers until an incident is discovered and their public reputation is challenged," Mr. Scott wrote.
3. An information analysis and communication hub like HCCIC can help mitigate these risks. In fact, Mr. Scott claimed the NCCIC may fail without the HCCIC.
"Without the HCCIC, the success of the NCCIC will be dependent on the avarice and will of private companies who are more interested in market incentives than the security posture of the sector," he wrote."
Click here to read the full report.
More articles on health IT:
Microsoft Azure to feature big data analytics platform
eClinicalWorks voices support for National Health Center Week
Cerner: 5 tips for successful hospital-vendor IT partnerships