Coalfire Teams with Healthcare and Public Health Sector Coordinating Council (HSCC) for Fall Summit

October 18, 2018, Rich Curtiss, Principal, Healthcare Risk Assurance Services

The Department of Homeland Security (DHS) charged the Healthcare and Public Health Sector Coordinating Council (HSCC) with serving as a partnership between the private and public healthcare sectors [1]. To that end, two unique councils were formed. The Healthcare and Public Health Government Coordinating Council (HGCC) was established by presidential directive to sustain the essential functions of the nation’s healthcare and public health system; the HSCC is a companion council established by presidential directive as a private sector counterpart with similar mission objectives. A key difference between the two is that the HSCC is a purely voluntary organization whose membership is solicited to provide influence and expertise within the healthcare industry.

The HSCC meets twice a year and held its 2018 Joint Coordinating Council Fall Summit and Sector Tabletop Exercise at HCA in Nashville, Tenn., from October 9-11. The HSCC meetings fall under the DHS Critical Infrastructure Partnership Advisory Council (CIPAC), which assists in facilitating the sessions and ensures confidentiality of meeting content [2].

The HSCC convened with a Joint Cybersecurity Working Group (JCWG) [3] All-Hands Meeting to discuss “Task Group” status, including security risk management, medical technology, and cybersecurity best practices efforts. A total of 13 task groups work under the JCWG, covering different aspects of cybersecurity impacting healthcare organizations. This was a CIPAC-covered meeting, so details can only be disclosed to those healthcare entities that are part of the SCC.

Day two convened with a professionally facilitated, major healthcare incident response “table-top” exercise to elicit participant recommendations, responses, and best practices. Coalfire contributed to this exercise as a key healthcare cybersecurity expert. This, too, was a CIPAC-covered activity. An added benefit was the opportunity to attend the Health and Human Services (HHS) daily call on the Hurricane Michael response.

The HSCC concluded the Fall Summit with a series of presentations and a discussion about forward planning for the HPH sector, including the GCC and SCC. Coalfire is pleased to be a member of the HSCC and JCWG, where a number of our healthcare security experts participate in different task groups and contribute to deliverables produced by the JCWG.

The HSCC is growing and maturing, and industry participation is key to the success of the sector moving forward. It was both an honor and a privilege to participate in crafting the future of the healthcare and public health critical infrastructure sector.

[1] https://www.dhs.gov/healthcare-and-public-health-sector-council-charters-membership

[2] https://www.dhs.gov/cipac-charters-and-membership

[3] https://healthsectorcouncil.org/
