Key Takeaway: Last week the Department of Homeland Security (DHS) released guidance to assist private sector and federal entities to share cyber threat indicators with the Federal Government.
Why It Matters: The release of guidance and interim policies relating to the sharing of cyber threat indicators (CTIs) with the federal government was the first significant deliverable from the passage of the Cybersecurity legislation that was enacted into law in late 2015.
President Obama signed the Cybersecurity Information Sharing Act of 2015 into law on December 28, 2015, with the goal of increasing cybersecurity information sharing between the private sector and the Federal Government. The Act provides various protections to non-federal entities that share CTIs defensive measures with the Federal Government.
The Department’s Automated Indicator Sharing (AIS) initiative, through the National Cybersecurity and Communications Integration Center (NCCIC) is the principal vehicle for sharing indicators with the Federal Government. Threats shared with the Department through AIS or other official DHS mechanisms, conducted according with the Act’s requirements receives liability protection.
In addition to the guidance released to assist private sector and federal entities to share CTIs with the Federal Government, the Department also released interim policies and procedures relating to the receipt and use of cyber threat indicators by federal entities, interim guidelines relating to privacy and civil liberties in connection with the exchange of those indicators, and guidance to federal agencies on sharing information in the government’s possession.
The first round of deliverables from the healthcare-specific section of the Cybersecurity law are due from the Department of Health and Human Services (HHS) by March 17, 2016. This includes the establishment of a taskforce of healthcare industry stakeholders tasked with outlining the unique challenges, opportunities and needs of the healthcare sector as it related to cybersecurity.
The Administration also announced the formation of commission on improving cybersecurity, chaired by Tom Donilon, former National Security advisor, and Sam Palmisano, former IBM CEO.
Quality Measure Alignment Drumbeat Bears Some Fruits from CMS in a New Effort
Key Takeaways: CMS Announces new alignment effort following repeated calls to harmonize quality measures
Why it Matters: CHIME has repeatedly comment to CMS that the need for standards harmonization is critical not only from the standpoint of reducing administrative burden and complexity for providers, but in order to deliver on the intended value for patients. CHIME advocated again for this in our comments to CMS on their Request for Information on quality measurement as among our top 3 recommendations which include:
- Reduce the burden on providers by better aligning the reporting requirements of different payers and government programs.
- Require vendors to certify to all electronic clinical quality measures (eCQMs).
- Improve the testing process to be more reflective of real-life clinical scenarios, rather than sterile testing environments
In response to repeated calls for more measure alignment, CMS recently announced that in conjunction with America’s Health Insurance Plans (AHIP) and others in the industry they have arrived at consensus on measuring physician quality in seven areas through an effort known as the Core Quality Measures Collaborative. The seven areas include: accountable care organizations (ACOs), patient centered medical homes (PCMH), and primary care; cardiology; gastroenterology; HIV and Hepatitis C; medical oncology; obstetrics and gynecology; and orthopedics. CMS is already using measures from the each of the core sets. Using the notice and public comment rule-making process, CMS also intends to implement new core measures across applicable Medicare quality programs as appropriate, while eliminating redundant measures that are not part of the core set.
OCR Pumps out New, Clarifying Guidance on HIPAA
Key Takeaways: New OCR guidance takes aim at clarifying existing rules
Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.