Thursday, October 30, 2014

News Roundup

HIMSS Submits Comments to NIST on Cybersecurity Infrastructure Framework RFI

PARCA eNews – Oct. 28, 2014 – HIMSS submitted comments to the National Institute of Standards and Technology (NIST) in response to its recent request for information (RFI), "Experience with the Framework for Improving Critical Infrastructure Cybersecurity."  HIMSS outlined a roadmap for addressing the three general areas of the cybersecurity framework outlined by NIST. In brief summary the points HIMSS made included:
  • To strengthen cybersecurity and support business objectives of healthcare organizations, HIMSS recommended that privacy and security be integrated into the organization's business objectives;
  • To strengthen cybersecurity, HIMSS suggested that organizations increase their resilience to cyber incidents by utilizing lessons learned as part of their short-term and long-term recovery efforts.
  • To better handle incidents, HIMSS suggested that healthcare organizations have an incident response plan in place, which focuses on handling cyber incidents in terms of the roles and actions of people, processes, and technology within the healthcare organization.
In terms of the future roadmap, HIMSS recommended that the framework explain in detail what constitutes an accurate, thorough, and holistic risk assessment as well as how privacy and cybersecurity interrelate. 

PARCA Q: Have recent large-scale hacking events prompted your institution to reevaluate its security measures?

No comments:

Post a Comment