Health and Human Services Department officials think the public and private sectors need to collaborate to fend off cyberthreats.
HHS plans to provide grants to “information sharing and analysis organizations” — up to $250,000 a year for five years — that would encourage health care IT professionals and regulators to combine their knowledge about impending cyberthreats.
A 2015 executive order directs businesses, nonprofits and government agencies to share information about cyber risks and specific cybersecurity incidents so they can address them “in as close to real time as possible.” It also tasks the Homeland Security secretary with forming these organizations, which can be any size and grouped by sector, sub-sector, region or any other affiliation.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Within health care, a strong information-sharing structure is key to keeping patient records private and safe, Karen DeSalvo, national coordinator for health IT, said in a statement.
“Not only do we need to worry about natural disasters, but also increasingly we must combat—and prevent—cyberthreats,” Nicole Lurie, HHS assistant secretary for preparedness and response, said in a statement.” Many parts of the health care system don’t have access to the information they need to protect themselves from these threats.”
Ideally, threat information will move “bi-directionally between HHS and the health care and public health sector,” but also could be provided to DHS and the FBI, according to an HHS announcement.