HSCC Testimony and Policy Statement
- This topic has 0 replies, 1 voice, and was last updated 1 year, 1 month ago by .
Viewing 0 reply threads
Viewing 0 reply threads
- You must be logged in to reply to this topic.
Home › Forums › CISO Affinity Group › HSCC Testimony and Policy Statement
The House Energy and Commerce Subcommittee on Oversight and Investigations held a hearing today at 10:30am eastern time on the topic of medical device cybersecurity – I testified on behalf of HSCC, along with former CWG Chair Erik Decker (Intermountain); Dr. Christian Dameff (UCSD); Michelle Jump (MedSec); and Kevin Fu (Archimedes at Northeastern University.
In addition to addressing the committee’s topical interest, HSCC announced its recommendation that, in lieu of the HIPAA Security Rule notice of proposed rulemaking, the Administration initiate a consultative process with the health sector that could lead to higher levels of accountability in healthcare cybersecurity. Discussions could start with the work we have published over the past several years on the range of healthcare cybersecurity issues. The proposed process would resemble that which led to the NIST Cyber Framework process, only in this case specifically for healthcare cybersecurity.
Accordingly, attached are:
1. The testimony to House Energy and Commerce Subcommittee on Oversight and Investigations
2. Policy Statement recommending a consultative process for healthcare cybersecurity policy in lieu of HIPAA NPRM
3. Press release announcing above
4. Updated (from 2023) Government Recommendations document that can serve as starting point for consultations along with HICSP and our many sound practices pubs
All of these documents are listed below:
1. https://development.scottsdaleinstitute.org/wp-content/uploads/2025/04/2025-HEALTH-INDUSTRY-CYBERSECURITY-RECOMMENDATIONS-FOR-GOVERNMENT-POLICY-AND-PROGRAMS.pdf
2. https://development.scottsdaleinstitute.org/wp-content/uploads/2025/04/HSCC-ANNOUNCES-HEALTHCARE-CYBERSECURITY-POLICY-RECOMMENDATION-AT-CONGRESSIONAL-HEARING.pdf
3. https://development.scottsdaleinstitute.org/wp-content/uploads/2025/04/HSCC-GARCIA-TESTIMONY-TO-HOUSE-ENERGY-AND-COMMERCE-OVERSIGHT-AND-INVESTIGATIONS-SUBCOMMITTEE.pdf
4. https://development.scottsdaleinstitute.org/wp-content/uploads/2025/04/HSCC-STATEMENT-ON-HEALTHCARE-CYBERSECURITY-POLICY.pdf
Greg Garcia
Executive Director
Health Sector Coordinating Council Cybersecurity Working Group
https://HealthSectorCouncil.org
greg.garcia@HealthSectorCouncil.org
443.510.8641