Security chief touts the value of HICP, a cyber preparedness ‘cookbook’ with recipes for readiness

The U.S. Department of Health and Human Services has published a comprehensive document called Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). The document offers voluntary cybersecurity tips and best practices for healthcare organizations of all sizes. Erik Decker, a healthcare and infosec expert, has highlighted the importance of the document and mentions that updates are being worked on, including supplemental materials and an updated version of HICP. The aim is to release these by the end of 2019 and to have a refreshed version of HICP every two years. Additionally, Decker says that a new set of materials is being developed to focus on cybersecurity as a component of enterprise risk management, with a planned release in 2021. In the meantime, healthcare organizations are encouraged to utilize the advice and guidance provided in HICP to enhance their cybersecurity posture and mitigate risks.