A Guide to Healthcare Sector Info Sharing Best Practices

Healthcare organizations now can take advantage of a new guide to best practices for cyber intelligence sharing – which could come in handy during the COVID-19 crisis, says Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center.

The guidance was issued by a task force of the Healthcare and Public Health Sector Coordinating Council, says Weiss, who chaired the group.

The guidance “looks at some of the real or perceived barriers that often inhibit information sharing in the first place,” he says in an interview with Information Security Media Group. “There are certainly plenty of laws and regulations that are in place today that affect all kinds of organizations – and vary from country to country, and even in the U.S. from state to state. So we deal with those rules and regulations.”

In this interview (see audio link below photo), Weiss also discusses:

  • The types of cyber intelligence that is potentially beneficial for healthcare sector entities to share;
  • Examples of cyber information sharing best practices;
  • How the new guidance can apply to the sharing of information related to COVID-19-themed malware and other attacks.

Weiss, who joined the Health Information Sharing and Analysis Center as CSO in 2019, has more than 25 years of experience in information security. He’s co-chair of a task group of the Healthcare and Public Health Sector Coordinating Council, a public/private collaborative for improving cybersecurity in the healthcare sector. Previously, Weiss worked at the National Security Agency, conducting vulnerability analyses of highly classified U.S. government systems. He also created and ran Citi’s cyber intelligence center and was a senior vice president with Bank of America’s global information security team.