FRISCO, Texas--(BUSINESS WIRE)--The Health Information Trust Alliance (HITRUST), the leading organization supporting the healthcare industry in advancing the state of information protection, issued a statement today that it continues to fully support the Cybersecurity Act of 2015. HITRUST states that it supports the bill, which was passed today by the U.S. Congress as part of the omnibus spending package, because it formalizes the process for information sharing, encouraging private entities to share amongst themselves and with the government. The Act provides legal certainty that companies sharing information have safe harbor against frivolous lawsuits when voluntarily sharing and receiving threat indicators and defensive measures in real time, as well as when taking actions to mitigate cyber attacks.
HITRUST opposed any amendment that would weaken significant provisions including the need to safeguard privacy and civil liberties or weaken liability protection for information sharing, and encouraged establishment of appropriate roles for government agencies and departments to continue to collaborate with industry.
The act also directs the Secretary to evaluate how to most effectively disseminate cyber threat information from the government to industry. This critical process has received much attention over the last year and HITRUST supports this direction. As an official Information Sharing and Analysis Organization (ISAO), HITRUST operates the healthcare sector’s most active cyber threat exchange, the HITRUST CTX. HITRUST also coordinates heath industry’s most widely engaged cyber preparedness and response exercises through its CyberRX program and provides other programs including monthly industry cyber threat briefings. The HITRUST CTX, CyberRX and cyber briefings are all free offerings with no membership required.
Additionally, HITRUST states that the Cybersecurity Act of 2015 recognizes the importance of a health industry specific cybersecurity approach as well as associated guidance and best practices, leveraging industry standards that are developed through a public and private consensus-driven process. This recognition reinforces the significance of efforts already underway by HITRUST In coordination with the Healthcare and Public Health (HPH) Government and Private Sector Partnership for Critical Infrastructure Security and Resilience (CISR) to develop an industry-specific framework and guidance. HITRUST brings extensive experience in developing an information privacy and security framework, through the complimentary HITRUST CSF, which is the industry’s most widely adopted approach.
Although industry is making improvements in cyber readiness and response, by singling out the healthcare industry, the Act sends a clear message that law makers are concerned with the pace of this progress.
HITRUST continually endeavors to elevate the level of information protection by ensuring greater collaboration between the healthcare industry and government and looks forward to continued engagement with the Department of Health and Human Services (HHS) and the development of the taskforce.
About HITRUST
Founded in 2007, the Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST - in collaboration with public and private healthcare technology, privacy and information security leaders - has championed programs instrumental in safeguarding health information systems and exchanges while ensuring consumer confidence in their use.
For more information, visit http://www.HITRUSTalliance.net.
All product and company names herein may be trademarks of their respective owners.
