Statement on the Release of the Health Care Industry Cybersecurity Task Force Report

ANN ARBOR, MI, June 2, 2017 – This afternoon the Health Care Industry Cybersecurity Task Force released their report on improving cybersecurity in the healthcare industry as mandated under the Cybersecurity Act of 2015.

Statement by CHIME President and CEO Russell Branzell on the Health Care Industry Cybersecurity Task Force Report:

Our members have been early and avid advocates for the need to fortify our nation’s healthcare system from a growing and persistent stream of cybersecurity threats. The Health Care Industry Cybersecurity Task Force report released today highlights the challenges and opportunities facing healthcare providers in their ongoing efforts to protect patient data and ensure patient safety is not in jeopardy.

The Task Force report marks an important milestone in the recognition of the importance of strengthening the cybersecurity posture of the healthcare industry, which has lagged behind other critical infrastructures. CHIME championed the need for this Task Force and the inclusion of the healthcare provider perspective during the passage of the Cybersecurity Act of 2015. After a year of thoughtful deliberation, it is rewarding to see the more than 100 recommendations made by the Task Force.

The report and the Task Force’s thoughtful recommendations come at a critical time, offering solutions to many of the challenges and opportunities our members have previously identified in their efforts to improve their organization’s cybersecurity hygiene. Our members welcomed recommendations concerning the need for the federal government to offer incentives to encourage greater investment in cybersecurity and the need for a single point of contact within HHS on cybersecurity. CHIME members also support the recommendations concerning the need to identify gaps in device surveillance and cybersecurity, including harmonizing disparate rules like aligning the Health Insurance Portability and Accountability Act (HIPAA) guidance with the Food and Drug Administration’s (FDA) oversight of devices.

We applaud Theresa Meadows, CIO Senior VP and CIO of Cook Children’s Health Care System, the Task Force co-chair, as well as fellow Task Force member, David Finn, Health Information Technology Officer of Symantec Corporation. These two CHIME board members devoted hundreds of volunteer hours and have been tireless advocates for patients and providers.

The Task Force report can be found here and CHIME and AEHIS’ summary of the report can be found here.

The College of Healthcare Information Management Executives (CHIME) is an executive organization dedicated to serving chief information officers (CIOs) and other senior healthcare IT leaders. With more than 2,300 CIO members and over 150 healthcare IT vendors and professional services firms, CHIME provides a highly interactive, trusted environment enabling senior professional and industry leaders to collaborate; exchange best practices; address professional development needs; and advocate the effective use of information management to improve the health and healthcare in the communities they serve. For more information, please visit

Candace Stuart
Director of Communications and Public Relations, CHIME
[email protected]