Public Health Emergency - Leading a Nation Prepared
The Health Care Industry Cybersecurity Task Force has released its report to Congress titled Report on Improving Cybersecurity in the Health Care Industry.
The Health Care Industry Cybersecurity Task Force, established by the Department of Health and Human Services in March 2016 per the Cybersecurity Act of 2015, Section 405(c), has officially completed its analysis and delivered its report to Congress.
To meet its charge under the Cybersecurity Act and improve cybersecurity practices in the health care industry, the Task Force members held four in-person meetings which were open to the public (public summaries are archived on this site for public review), as well as additional virtual meetings to address the following five (5) requirements of the Act:
The Task Force members represented a wide variety of organizations within the health care and public health sector, including hospitals, insurers, patient advocates, security researchers, pharmaceutical companies, medical device manufacturers, health information technology developers and vendors, and laboratories.
Over the course of the year, the Task Force invited various health care industry leaders and experts from other critical infrastructure sectors to provide information regarding cybersecurity best practices, trends, threats, and general concerns with the members. Additionally, the Task Force posted several blogs that encouraged the public to provide information, thoughts, and ideas that the Task Force could use to inform their deliberations and address the Act requirements.Now that the report has been delivered the Task Force has officially disbanded.
Task Force members were selected based on recommendations from a panel of subject matter experts from HHS, DHS, and NIST. The following criteria were used in selecting Task Force members:
The members of the Health Care Industry Cybersecurity Task Force were:
Theresa Meadows, MS, RN, CHCIO, FHIMSS, FACHESenior Vice President and Chief Information Officer Cook Children’s Health Care System
George DeCesare, JDSenior Vice President and Chief Technology Risk OfficerKaiser Permanente Health Plan
Roy Mellinger, CISSP-ISSAP, ISSMP, CIMVice President IT Security and Chief Information Security Officer Anthem, Inc.
Mark Jarrett, MD, MBA, MSSenior Vice President and Chief Quality OfficerNorthwell Health andProfessor of MedicineHofstra Northwell School of Medicine
Jacki Monson, JDChief Privacy and Information Security OfficerSutter Health
Ram Ramadoss, MBA, CISA, CISM, CISSP, CRISC, CIPPVice PresidentCRP Privacy and Information Security and EHR Compliance OversightCatholic Health Initiatives
Fred TrotterData JournalistCareSet Systems
David TingCo-Founder and Chief Technology OfficerImprivata, Inc.
Christine Sublett, MA, CISSP, CIPT, CRISC, CGEITChief Information Security Officer and Head of ComplianceAugmedix, Inc.
David Finn, CISA, CISM, CRISCHealth Information Technology OfficerSymantec Corp.
Michael McNeilGlobal Product Security and Services Office Philips Healthcare
Terry RiceVice President IT Risk Management and Chief Information Security OfficerMerck & Co.
Joshua CormanCo-FounderI Am The Cavalry
Alissa Johnson, PhDChief Information Security OfficerStryker Corp.
Vito Sardanopoli, CSM, CISSP, CISADirector of Cyber Security Services and GovernanceQuest Diagnostics
Dan McWhorterVice President and Chief Intelligence StrategistFireEye, Inc.
Anura FernandoPrincipal EngineerMedical Software and Systems InteroperabilityHealth Sciences DivisionUL LLC
Emery CsulakChief Information Security OfficerCenters for Medicare and Medicaid ServicesU.S. Department of Health and Human Services
Laura LaybournDirectorStakeholder Engagement and Cyber Infrastructure ResilienceOffice of Cybersecurity and CommunicationsU.S. Department of Homeland Security
Kevin Stine Chief, Applied Cybersecurity DivisionInformation Technology Laboratory National Institute of Standards and Technology
Lauren Thompson, Ph.D.DirectorDepartment of Defense/Department of Veterans Affairs Interagency Program OfficeDefense Health Management Systems
Rob Suárez Director of Corporate Product SecurityBD (Becton, Dickinson and Company)
Home | Contact Us | Accessibility | Privacy Policies | Disclaimer | HHS Viewers & Players | HHS Plain Language
Assistant Secretary for Preparedness and Response (ASPR), 200 Independence Ave., SW, Washington, DC 20201
U.S. Department of Health and Human Services | USA.gov |
HealthCare.gov in Other Languages