Inside CHIME: Cybersecurity Task Force Report Includes CHIME’s Requested Actions

Inside CHIME - header

By Candace Stuart, Director of Communications & Public Relations

Cybersecurity Task Force Co-chair Theresa Meadows

The Department of Health and Human Services’ Cybersecurity Task Force sent its much-anticipated report to Congress on Friday, June 2. The 96-page report offered dozens of recommendations for the healthcare industry, including many of the actions CHIME requested, such as payers offering incentives for investing in tools that will improve cyber hygiene as well as harmonizing federal policies providers must meet.

“The Task Force report marks an important milestone in the recognition of the importance of strengthening the cybersecurity posture of the healthcare industry, which has lagged behind other critical infrastructures,” CHIME President and CEO Russell Branzell said in a statement. CHIME and the Association for Executives in Healthcare Information Security (AEHIS) have advocated for several protections and improvements to federal policies that will improve the cybersecurity climate for them and the patients they serve.

Cybersecurity Task Force Member David Finn

“CHIME championed the need for this Task Force and the inclusion of the healthcare provider perspective during the passage of the Cybersecurity Act of 2015. After a year of thoughtful deliberation, it is rewarding to see the more than 100 recommendations made by the Task Force,” Branzell continued.

He commended Theresa Meadows, senior vice president and CIO of Cook Children’s Health Care System, in Fort Worth, Texas, the Task Force co-chair, and fellow Task Force member David Finn, Health Information Technology Officer of Symantec Corporation in Mountainview, California. Both are members of the CHIME Board of Trustees. “These two CHIME board members devoted hundreds of volunteer hours and have been tireless advocates for patients and providers,” he said.

Among the report’s key findings:

  • The state of cybersecurity in healthcare must improve and coordination across all industry stakeholders (federal agencies, Congress, healthcare providers, medical device manufacturers, accreditors, insurers, professional associations) is paramount.
  • The federal government should provide additional resources and opportunities, starting with a new federal official to serve as a single point of contact to the industry on cybersecurity.
  • Efforts must be undertaken to streamline and harmonize the federal requirements that may be in conflict or impeding enhanced cybersecurity hygiene.

The Task Force report is available here.

More Inside CHIME Volume 2, No. 12: