A new analysis has been released explaining the importance of maintaining oversight and regulation on the health care sector.
“HHS’ HCCIC Takes a Quantum Leap Forward to Secure the Health Sector: A Fortunate Solution to the Rampant Risk of Minimalistic, Self-Governing Bureaucracy,” released by the Institute for Critical Infrastructure Technology (ICIT), examines why the health care sector is unable to oversee itself and why the Healthcare Cybersecurity and Communications Integration Center is essential to securing medical information.
The HCCIC would put an end to the “self-regulating, checkbox-driven security standards” that will allow healthcare organizations to “skirt liability,” the analysis declares, and allow for effective oversight and management of the health care sector’s security.
Poor security habits and cost-cutting measures have led to a multitude of damaging attacks, one of which being the February 2015 exposure of 78.8 million patients with Anthem, Inc.
This attack compromised the patients’ names, medical IDs, Social Security numbers, addresses, email, employment information, income data and more. A subsequent lawsuit against the insurance provider was settled, with Anthem agreeing to pay $115 million but refusing to admit any wrongdoing or responsibility for the harm.
This incident is not an exception, rather just one example, according to the report. The number of attacks on the health care sector have been climbing but, remarkably, the security has not followed suit.
The HCCIC would serve as a much needed supplement to the National Cybersecurity and Communication Integration Center, allowing businesses to get improved access to threat data, collaborating with programs like the Information Sharing and Analysis Organizations and the Information Sharing and Analysis Centers, and ensuring the private companies remain security conscious.
To read the analysis in its entirety, go here.