Frisco, TX – January 13, 2015: The Health Information Trust Alliance (HITRUST) announced today a statement in response to “SECURING CYBERSPACE—President Obama Announces New Cybersecurity Legislative Proposal and Other Cybersecurity Efforts.”
The White House made a renewed push Tuesday for cybersecurity legislation, asking the new Congress to revive cybersecurity legislation stalled over the past few years.
The new proposal would allow increased sharing of information on cyber threats from the private sector with protection from liability. Those indicators of cyber threats would immediately be shared with other government agencies like the DHS, FBI, NSA, and Secret Service, as well as private-sector Information Sharing and Analysis Organizations (ISAOs). The measure also would criminalize the sale of stolen financial data, and would require companies to notify consumers about data breaches. The updated proposal “promotes better cybersecurity information sharing between the private sector and government, and it enhances collaboration and information sharing amongst the private sector,” a White House statement said.
Public Statement by HITRUST
HITRUST applauds the White House’s proposal to encourage increased cyber threat information sharing between the private sector and government. Since 2007, HITRUST has endeavored to elevate the level of information protection by ensuring greater collaboration between industry and government, and raising the competency level of information security professionals across the healthcare industry. We have tremendous experience as a federally recognized ISAO and have many valuable lessons to share. In the past, there has been some confusion on who in the private sector companies can turn to in order to work with their government partners. With this step today, the White House has provided clarity that ISAOs are a key link that will continue to provide value to strengthen our government, our economy, and our nation as a whole given the growing cyber threats the nation faces. We look forward to working with the White House, Congress and the Department of Homeland Security as they continue to foster the formation of private-sector led information sharing as well as existing information sharing relationships between government and the private sector.
Phone interviews are available upon request with Daniel Nutkis, CEO, HITRUST and Roy R. Mellinger, HITRUST Board of Directors and CISSP-ISSAP, ISSMP, CIM, Vice President, IT Security & Chief Information Security Officer, Anthem, Inc.
For more information on HITRUST’s cybersecurity information sharing efforts:
CyberRX: Health Industry Cyber Threat Exercise
For The White House Press Release on Securing Cyberspace:
SECURING CYBERSPACE—President Obama Announces New Cybersecurity Legislative Proposal and Other Cybersecurity Efforts
Founded in 2007, the Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST – in collaboration with public and private healthcare technology, privacy and information security leaders – has championed programs instrumental in safeguarding health information systems and exchanges while ensuring consumer confidence in their use.
HITRUST programs include the establishment of a common risk and compliance management framework (CSF); an assessment and assurance methodology; educational and career development; advocacy and awareness; and a federally recognized cyber Information Sharing and Analysis Organization (ISAO) and supporting initiatives. Over 84 percent of hospitals and health plans, as well as many other healthcare organizations and business associates, use the CSF, making it the most widely adopted security framework in the industry.
For more information, visit www.HITRUSTalliance.net.
All product and company names herein may be trademarks of their respective owners.