Cyber

Health Sector Publishes Guide for Coordinating Privacy and Security Partnerships

Feb 19, 2024

The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group has published a guide for health providers and companies to coordinate privacy and cybersecurity functions for improved overall compliance and operational efficiencies and effectiveness.

As cyberattacks and data breaches of private information continue to increase in both frequency and severity, there is significant evidence that neither regulations nor enterprise compliance and risk management programs approach these interdependent responsibilities with coherent and coordinated policy and practice.

Factors ranging from organizational structure to conflicting priorities can lead to disconnect between Privacy and Security, increasing organizational risk. The challenges arising from the separation and individualization of Privacy and Security roles, each with their own isolated strategies, can impact an organization in unanticipated ways. Collaboration challenges fall into five overarching themes: (1) cross-functional alignment, (2) operational understanding, (3) team dynamics, (4) organizational culture, and (5) regulatory responsibility.

This publication seeks to do the following:

  • Identify intersections, interdependencies, and regulatory and operational distinctions between enterprise Privacy and Security disciplines;
  • Enumerate potential challenges and corresponding risks arising from gaps and/or misalignments between Privacy and Security functions and priorities;
  • Describe differing structural advantages and disadvantages for coordinating or integrating functions; and
  • Recommend options for frameworks, practices, and measures that can assist with informing, coordinating, and integrating Privacy and Security compliance and operations efforts.

Click here to access the guide.


Related Posts

Cybersecurity 600
  • Call for Comments

Share Your Feedback: Cybersecurity Preparedness

Survey closes December 20, 2024.

Dec 16, 2024

Share Your Feedback: Cybersecurity Preparedness

Share Feedback web
  • Call for Comments Information Technology

Public Health Professionals: Your Voice Is Needed

Survey closes December 2.

Oct 31, 2024 | Shannon Duffy

Public Health Professionals: Your Voice Is Needed

Cybersecurity 600
  • Tools & Resources Policy Statement Information Technology

Spotlight on Local Health Department Cybersecurity

See a new policy statement and new fact sheet to support local health...

Oct 31, 2024 | Shannon Duffy

Spotlight on Local Health Department Cybersecurity

Accessible web 600
  • Tools & Resources Communications & Public Relations

Digital Accessibility: Three Tips to Make Local Health...

See tips for local health departments on how to make websites and mobile...

Oct 25, 2024 | Matt Giljahn, Communications Coordinator, Dakota County Public Health (MN)

Digital Accessibility: Three Tips to Make Local Health...

Cybersecurity
  • Tools & Resources

CISA Warns of Hurricane-Related Scams

See resources to avoid falling victim to malicious cyber activity.

Sep 26, 2024

CISA Warns of Hurricane-Related Scams

Cyber
  • Information Technology

HHS Reorganizes Technology, Cybersecurity, Data, and...

HHS implements reorganization to enhance technology, cybersecurity, data,...

Aug 06, 2024

HHS Reorganizes Technology, Cybersecurity, Data, and...

Screenshot 2024 04 17 083518
  • Tools & Resources

NACCHO Website Gets a Fresh Look: Explore the Latest...

Check out the recent updates to NACCHO.org and explore the revamped website.

Apr 17, 2024 | Angie McPherson

NACCHO Website Gets a Fresh Look: Explore the Latest...

Data

Request: Share examples of Healthcare and Public Health...

Share your cybersecurity policies.

Apr 05, 2024 | Shannon Duffy

Request: Share examples of Healthcare and Public Health...

Opportunity
  • Opportunity

Grant Funding Available for State and Local Cybersecurity

Applications due October 6.

Aug 15, 2023 | Beth Hess

Grant Funding Available for State and Local Cybersecurity

Back to Top