Guidance on Healthcare Information Sharing Companies Publicized by HSCC

The Healthcare and Public Health Sector Coordinating Council (HSCC) introduced guidance on cybersecurity data sharing for healthcare companies.

HSCC is an alliance of about 200 public-private businesses and institutions, which include health IT businesses, medical device suppliers, pharmaceutical vendors, laboratories, health plans, government agencies and payers. Its objective is to give collaborative solutions to help in minimizing cybersecurity hazards affecting the healthcare sector.

The Health Industry Cybersecurity Matrix of Information Sharing Organizations (HIC-MISO) is HSCC’s fourth cybersecurity guidance publication as required by the Health Care Industry Cybersecurity Task Force to help mitigate the risks and threats of information sharing in the industry. HSCC penned other resources in the past about healthcare market cybersecurity guidelines, building a medical device joint security plan, and the creation of a medical industry cybersecurity personnel.

Numerous health companies are starting to grasp the seriousness of cybersecurity information sharing though they have no idea where to begin. With more healthcare organizations encountering cyberattacks, an entity should be more aware and ready by means of community involvement.

The goal of the HIC-MISO is to guide healthcare institutions in realizing the necessity of cybersecurity information sharing and to give the guidance they require to start taking part in threat sharing. The HIC-MISO is a collection of the most useful information sharing organizations (ISOs) in the healthcare sector and the services they deliver.

To make the HIC-MISO straight forward and manageable, it is confined to the most frequently employed ISOs helping the healthcare market at a national and not a regional level. The HIC-MISO comprises information on ISOs which include HITRUST, HPH-SCC, H-ISAC, and MED-ISAO, as well as the goal/job of each, the services delivered, and any fees of participation. It is targeted at healthcare institutions without resources to be involved in over one to two threat sharing groups.

HSCC advises healthcare institutions that are not already engaging in threat sharing to begin slowly and to share only the most crucial data. As the program develops and companies become more secure with threat sharing, considerably more information could be shared enlarging the program. The most essential step is to get going.

The HIC-MISO is given a guide that lets organizations build an information management structure that’s suited to the size of the organization, the accessible resources, and its risk profile.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at