Health Care Industry Cybersecurity Task Force Releases Final Report

On Friday, June 2, the Health Care Industry Cybersecurity (HCIC) Task Force released the final version of its report to Congress.   By way of background, given the significant cybersecurity threats and cyber-attacks facing the healthcare industry, the Health Care Industry Cybersecurity (HCIC) Task Force was formed in accordance with Section 405 of the Cybersecurity Act of 2015 (CSA).[1]  The Task Force was established for a time period of one year.  

More detailed information on the Task Force Report is available on the HIMSS website.  

The Task Force was chartered to perform activities including the following:

  • Analyze the healthcare cybersecurity problem, analyze other sectors’ approaches to cybersecurity;
  • Review challenges in regard to securing connected medical devices and other software or systems that connect to electronic health record systems; and
  • Establish a cybersecurity information sharing plan for the healthcare industry.

The findings within the report are the result of discussions among Task Force members, experts in the healthcare industry, and colleagues in government and cross-sector critical infrastructure sectors.  This article highlights key content from the Task Force’s report and provides relevant information on HIMSS initiatives.  , many of which are highlighted in the HIMSS Cyber Call to Action.

The report and the formation of the Health Care Industry Cybersecurity Task Force are the direct result of Section 405 of the Cybersecurity Act of 2015, which reflected recommendations from HIMSS’ 2015 Cybersecurity Congressional Ask