HIMSS Responds to NIST Cybersecurity RFI

In a September 9th letter to Commission Chair Thomas Donilon of the Commission on Enhancing National Cybersecurity at the National Institute of Standards and Technology (NIST) HIMSS responds to the Current and Future States of Cybersecurity in the Digital Economy request for information (RFI).  HIMSS noted that health information technology can play a role in improving the cybersecurity infrastructure of our nation’s healthcare sector.

In the letter HIMSS noted that the current and future trends for cybersecurity in the healthcare sector fall under the following topics:

  • Healthcare is Vulnerable to Cyber Attacks
  • Greatest Cybersecurity Concern for the Healthcare Sector is Patient Safety 
  • Healthcare Organizations Still Need to Improve their Security Posture
  • Aging and Outdated Technology Poses Risks to the Healthcare Sector
  • Too Many Vulnerabilities in Technology to Contend with 
  • Third Parties Introduce Risk   
  • Medical Device Security is a Challenge 
  • Too Much Malware Exists

In the next couple years HIMSS noted, that more outreach to the healthcare sector needs to be done regarding Federal Government resources, in addition to more outreach to the sector on cyber threat intelligence sharing with information sharing and analysis centers (ISACs) and information sharing and analysis organizations (ISAOs).

HIMSS noted that the private sector is proactively working to address cybersecurity with “all hands on deck.”  Healthcare providers, vendors, security researchers, and other stakeholders are all working together to improve the healthcare cybersecurity baseline for all constituents.  New cybersecurity solutions are being innovated and meaningful information is being shared about cyber threats and defending against them through the Health Care Industry Cybersecurity Task Force, the InfraGard Cyber Health Working Group, the National Health Information Sharing and Analysis Center, and other ISAOs in the healthcare sector.

View Final Letter