The Health Information Trust Alliance (HITRUST), a Frisco, Texas-based group that created a common security framework (CSF) for the healthcare industry, will be working with the Department of Health and Human Services (HHS) to offer free monthly briefings on best practices in information security.
The briefings will be held free of charge and use resources from the HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) and HHS' Computer Security Incident Response Center. They will begin in April of this year, last 60-75 minutes, and are intended for organizations of all sizes and data security maturity levels.
In addition, the two groups are collaborating on C3 alerts that will be issued anytime HITRUST C3 identifies a present and immediate cyber-threat relevant to a large number of healthcare organizations, medical devices or systems.
"Collaboration is crucial to reducing cyber threats for the entire healthcare industry, including the government," stated Kevin Charest, Chief Information Security Officer, U.S. Department of Health and Human Services. "These briefings and alerts allow us to better disseminate valuable and critical information to healthcare organizations more effectively so they can better prepare and respond to cyber threats and events."
This is not the first collaboration between HITRUST and HHS. Earlier this year, HITRUST announced its plans to lead an industry-wide effort to conduct exercises to simulate cyber attacks on healthcare organizations with HHS. The effort will be called CyberRX.
Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.