December 29, 2015 — The Healthcare Information and Management Systems Society (HIMSS) applauded the U.S. House and Senate for passing critical cybersecurity information sharing legislation as part of the FY2016 omnibus spending package.
The goal of S.754: Cybersecurity Information Sharing Act (CISA), which passed by the Senate in October, is to establish a legal framework that would encourage private industry to voluntarily share cybersecurity information (cyber threat indicators and defensive measures) with the federal government to help bolster efforts to guard against cyber attacks. CISA establishes the Department of Homeland Security (DHS) as the primary interface with the private sector and the main portal for the sharing of cyber information from industry to the federal government.
CISA seeks to balance the protection of personally identifiable information, which could put people at risk for unlawfully having their private information shared, with liability protections for entities who engage in the voluntary sharing of information with the federal government by requiring the removal of any personal information before it is shared.
HIMSS strongly supports the healthcare-specific provisions in the Cybersecurity Act of 2015 that will move the entire sector forward in addressing the many challenges of an increasingly complex health IT cybersecurity landscape.
HIMSS has consistently called for the need to ensure a single pipeline of actionable, real-time cyber threat data to healthcare leaders and facilitate consistent implementation of a common set of security and risk management standards and best practices across the sector.
HIMSS thanked HELP Committee Chairman Alexander (R-TN) and Ranking Member Murray (D-WA) for their leadership in authoring the provisions that will finally bring this much needed support to healthcare organizations as they work to protect patients and their data from growing cyber threats.
HIMSS said in a statement it looks forward to partnering with the Department of Health and Human Services (HHS) to implement these important policies and ensure the resulting tools and resources can be accessed and utilized by all healthcare organizations.
HIMSS is the global thought leader of health transformation through the best use of IT with a unique breadth and depth of expertise and capabilities to improve the quality, safety, and efficiency of health and healthcare. In North America, HIMSS positively transforms health and healthcare through the best use of information technology in the United States and Canada. As a cause-based non-profit, HIMSS North America provides thought leadership, community building, professional development, public policy, and events. HIMSS North America represents 61,000 individual members, 640 corporate members, and over 450 non-profit organizations.
For more information: www.himss.org/ResourceLibrary/genResourceDetailPDF.aspx?ItemNumber=45363
Related Healthcare Cybersecurity Content:
Raising the Bar for Medical Device Cyber Security
FDA Seeks Management of Cybersecurity in Medical Devices
Healthcare Industry Lacking in Basic Cybersecurity Awareness Among Staff
Market Report Calls Into Question St. Jude Medical EP Device Safety, Cybersecurity
FDA Harshly Criticizes Abbott, St. Jude For Failure to Address EP Device Safety
Healthcare 2015 Data Breaches - Why the Cloud Is Not Responsible
HIMSS: Two-Thirds of Healthcare Organizations Experienced a Recent, Significant Security Incident
How You Should – and Should Not – Be Sharing Medical Information With Patients
June 27, 2022 
