HHS Cybersecurity Report 'Slowly, but Surely' Understanding Issue, Experts Blog
Three recommendations from a recent Department of Health and Human Services task force report on enhancing cybersecurity in the healthcare sector "stand out," blogged Internet Security Alliance CEO Larry Clinton and Senior Director Stacey Barrack. They are: identifying scalable governance best practices and developing executive education programs; requiring current and future federal cybersecurity regulations be harmonized; and incentivizing the sector to implement leading practices. Increased regulation "may actually be hurting" efforts to improve security since few experts have time to address compliance, they wrote Monday. Plus, a "dynamic system" -- possibly with grant and tax incentives and "good actor credits" -- is "desperately" needed to motivate the sector to implement improvements, they said. The report, promoted in HHS officials' testimony during a House hearing last week (see 1706070040), shows government "is slowly, but surely" starting to understand the problem and its need to work with industry, wrote Clinton and Barrack.