National Healthcare Workshop
The Department of Homeland Security (DHS) sponsored a National Healthcare Workshop in coordination with the Department of Health and Human Services (HSS) to encourage the automation of cyber-related information to protect against cyber threats and coordinate response within the health care sector. This workshop is part of a DHS Automated Indicator Sharing (AIS) effort to gain a focused understanding of the issues and challenges within and between the critical infrastructure sectors.
The goal of this workshop was to help DHS understand the organization’s current workflow and how AIS capabilities and information could be incorporated, as well as to increase the probability that shared information would be utilized. Other benefits include the identification of capabilities leading to new avenues of automation with broader information and course-of-action sharing.
Goals/Objectives
DHS Goals
- Define and document the automated information-sharing challenges in the health care sector.
- Demonstrate joint outreach to a critical sector with the sector-specific agency (SSA).
HHS-Specific Goal
Within the health care community, enable private- and public-sector organizations at the federal, state, and local levels to improve cyber information-sharing capacity and coordinated responses by leveraging the work already being done or planned within the federal government and National Health Information Sharing and Analysis Center (NH-ISAC) community.
Objectives:
- Education of participants: Information sharing resources available, and types of information being shared now and by whom.
- Understanding processes and documenting gaps: What is needed in terms of process, information, tools, and services to make the situation better? How can we as a community lower the bar to sharing and overcome the hurdles?
HHS Workshop Agenda
Day 1: April 17, 2017
| Time | Event | POC |
|---|---|---|
| 8:00 a.m. – 8:30 a.m. | Check-in | All |
| 8:30 a.m. – 9:00 a.m. | Welcome and Facility information | APL, CAC staff |
| 9:00 a.m. – 9:40 a.m. | Keynote speaker: Current cyber information sharing capabilities & unique challenges for the healthcare sector | HHS, Steve Curren, Director for the Division of Resilience Office of Emergency Management Office of the Assistant Secretary for Preparedness and Response |
| 9:40 a.m. – 10:15 a.m. | National Cybersecurity and Communications Integration Center, AIS and future plans | DHS NCCIC, Preston Werntz |
| 10:15 a.m. – 10:30 a.m. | Break | All |
| 10:30 a.m. – 11:00 a.m. | Law Enforcement role and perspective on healthcare cyber information sharing | FBI HQ, Caitlin Bataillon |
| 11:10 a.m. – 11:50 a.m. | HHS HCICC overview, capabilities and future plans | HHS, Leo Scanlon |
| 11:50 a.m. – 12:30 p.m. | National Health-Information Sharing and Analysis Center role and future plans | NH-ISAC, Ed Brennan |
| 12:30 p.m. – 1:00 p.m. | Lunch | All |
| 1:00 p.m. – 1:40 p.m. | Health Information Trust Alliance and its Cyber Threat Exchange programs | HITRUST, Elie Nasrallah |
| 1:40 p.m. – 2:30 p.m. | Wrap-up and Discussion |
Day 2: April 18, 2017
| Time | Event | POC |
|---|---|---|
| 8:00 a.m. – 8:30 a.m. | Check-in | All |
| 8:30 a.m. – 9:10 a.m. | Keynote speaker: DHS Resources and Assistance | DHS – Erin Shepley - Integrated Cybersecurity Services, FNR, Office of Cybersecurity and Communications |
| 9:10 a.m. – 9:50 a.m. | The NH-ISAC initiative to bring all levels of participants into the sharing community | NH-ISAC, Ed Brennan |
| 9:50 a.m. – 10:30 a.m. | Healthcare information sharing at the state-level | MD, Les Hawthorne, Maryland Coordination and Analysis Center (MCAC) |
| 10:30 a.m. – 10:45 a.m. | Break | All |
| 10:45 a.m. – 11:25 a.m. | Law Enforcement resources for healthcare information sharing | FBI, SA AmyLynn Errera |
| 11:25 a.m. – 12:00 p.m. | HITRUST services and the use of the CSF for small and medium organizations | HITRUST, Bryan Cline |
| 12:00 p.m. – 12:45 p.m. | Final thoughts and wrap-up | All |