Skip to main content

Post Topic: Incident Response

Behavioral Incident Response Strategies in Clinical Settings

Written by Julia Annaloro on . Posted in Health-ISAC, White Papers.

Joint white paper with Health-ISAC and the Hawaii State Fusion Center (HSFC)

In 2024, Health-ISAC and the Hawaii State Fusion Center (HSFC) worked together to develop a white paper showcasing the benefits of integrating behavioral response teams in healthcare delivery environments, such as reduced workplace violence and increasing the scope of incidents that in-house resources can respond to. This paper used insights from a survey of the Health-ISAC membership about behavioral risk management and the Health-ISAC Physical Security Working Group, a group of physical security experts from various healthcare organizations across the Health-ISAC Membership that helped inform implementation strategies that navigate healthcare-specific obstacles and maximize behavioral response capabilities. The major conclusions drawn from this endeavor are as follows:

Key Judgements

  • Behavioral incident management teams will increase the scope of incidents healthcare organizations will be equipped to respond to, creating a well-rounded security presence.
  • There is currently a mental health crisis that is impacting the safety and well-being of healthcare workers, a problem that behavioral incident management teams can help alleviate.
  • Implementation of behavioral risk management elements are attainable in healthcare organizations of all sizes, and scalable to accommodate organizational growth through the Behavioral Threat Assessment and Management (BTA/M) Split model.
  • Behavioral incident management teams have proven to be successful in peer-reviewed studies and healthcare organizations that adopted them.
Read the white paper here. Click Here

Cyber Incident Response: Playbook for Medical Product Makers

Written by Julia Annaloro on . Posted in Health-ISAC, In The News.

New HSCC Publication Aims to Help Device, Drug Makers Improve Cyber Response

Read the full article in Healthcare Infosecurity here:

Click Here

 

Article excerpt:

Medical product manufacturers often face the same cyber incident response challenges as their peers in other industries, such as constraints in skills and technologies, said Phil Englert, vice president of medical device security at the Health Information Sharing and Analysis Center (Health-ISAC), and a contributor to the HSCC playbook.

But manufacturing processes to ensure medical products perform as intended are essential to protecting public health and may require reporting to other government agencies such as the Department of Health and Human Services or the Cybersecurity Infrastructure and Security Agency, he told Information Security Media Group.

For instance, “under section 506J of the Federal Food, Drug, and Cosmetics Act, during or in advance of a public health emergency, manufacturers of certain medical devices must notify the FDA of an interruption or permanent discontinuance in manufacturing,” he said.

“In addition to framing the incident severity assessment in terms of business impact, national security, or civil liberties, the guidance also impacts public health or safety in the incident response planning,” he said.

“Additionally, the guidelines infuse regulatory considerations into the cyber incident response team process, including reporting suspected or confirmed incidents to Health-ISAC and other information-sharing and analysis organizations.”

This site is registered on Toolset.com as a development site.