Medicare Compliance & Reimbursement

Whether you’re a data security novice or have always prioritized cyber hygiene, you should bookmark the HC3 webpage and take advantage of the handy and timely federal guidance.

Lowdown: The Department of Health and Human Services (HHS) created the Health Sector Cybersecurity Coordination Center (HC3) to better implement provisions outlined in the Cybersecurity Information Sharing Act of 2015. HC3 focuses entirely on cybersecurity, data sharing, and threats in the healthcare sector. Additionally, HHS religiously updates the HC3 webpage with new products, initiatives, and alerts.

HC3 is broken down into three areas. Here is an overview with the definition for each category:

Under “threat briefs,” HHS “highlights relevant cybersecurity topics and raises the [healthcare and public health] HPH sector’s situational awareness of current cyber threats, threat actors, best practices, and mitigation tactics.”

Under “sector alerts,” the agency gives “high-level” updates on threats with the information targeted specifically for a technical audience. The resources provide defensive advice to combat current large-scale threats and vulnerabilities.

Under “other products,” HHS offers concise analysis and education on hot cybersecurity topics with alerts and white papers. Recent deep dives include a white paper on artificial intelligence and phishing; analysis and fixes for issues with SolarWinds software; and a white paper on the intersection of QR codes and phishing.

Bonus: For healthcare cyber historians, an archive of resources is available. Check out HC3 at www.hhs.gov/about/agencies/asa/ocio/hc3/index.html.