NH-ISAC Working Groups
All NH-ISAC Members are welcome to participate in the NH-ISAC Working Groups. If you are an NH-ISAC Member and would like to form a Working Group or for additional information on the Working Groups listed below, please email us at email@example.com.
Threat Intelligence Portal (TIP) Working Group
The TIP Working Group (TIP WG) specializes in defining best ways to share threat intelligence through existing platforms such as Bright Point Security (formerly known as Vorstack) and Soltra Edge as well as identifying new platforms that would be beneficial for NH-ISAC members. TIP WG will provide help and assistance for new members of NH-ISAC to integrate their respective log management solutions into Threat Intelligence Platform. The group will create a set of documents on how to integrate into TIP, properly share threat intelligence between members of NH-ISAC, and provide recommendations on best and most effective ways to utilize Threat Intelligence Platform available to NH-ISAC members.
Emergent Healthcare Identity and Authentication (EHIA)
The EHIA will establish expectations for functionality of healthcare identity and authentication with the NH-ISAC membership and identify industry activities that are furthering this work. Overlapping, conflicting or missing capabilities will be tracked.
The NH-ISAC and membership will then identify opportunities to influence activities to create a more harmonized model. We will align with the goals of the 2011 Presidential Directive for a National Strategy for Trusted Identities in Cyberspace (NSTIC).
Big Data Working Group
The Big Data Controls Working Group provides a forum for individuals working in the healthcare industry to share lessons learned regarding the challenges and opportunities associated with big data systems. The working group seeks to identify information control best practices for big data systems and also identify data analytics best practices for security and business applications. Meetings are held once per month and are designed to provide an opportunity to learn about the different tools and techniques that have proven effective in our different environments.
Medical Device Working Group
The National Health Information Sharing and Analysis Center (NH-ISAC) established the Medical Device Security Information Sharing Council (MDSISC) on October 1, 2015. The mission of the MDSISC is to bring together stakeholders in the medical device security arena to develop solutions, identify best practices and facilitate the exchange of information that will result in a more efficient and secure use of medical devices and related practices.
Membership is open to medical device manufacturers and stakeholders of the medical device security community that conduct their activities consistent with NH-ISAC’s Operating Rules including Non-Disclosure Agreement, health industry regulations and best practices, and the highest ethical standards.
Provider Special Interest Council
The NH-ISAC Provider Special Interest Council is a new work group.
The purpose of this work group is to find innovative ways to improve cybersecurity while not impeding patient care to lower the risk to the organization that may be vulnerable to attacks by the former employees, contractors, or potential hackers who look to compromise critical systems and steal health records. The goals of the Provider Working Group are to share ideas and generate white papers as well as new solutions to address the new technology within the provider community.
· Establish (or adopt) a minimum standard for cybersecurity
· Establish standards for tele health technology
· Assist with supporting the smaller provider organizations
· Increase the share of methods for cybersecurity and data protection
· Develop patient/employee friendly cybersecurity approaches
· Assist with training and awareness campaigns
The activities of the group may consist of some or all of the following:
· Listserver for the community to share and exchange information
· Monthly virtual/in-person meetings
· Development of white papers on cybersecurity approaches and best practices
· Track at the NH-ISAC Fall and Spring Summits
· Workshops devoted to provider security topics
· Providing input/recommendations to NH-ISAC Board on strategy, priorities, etc.
· Other activities or products as determined by the working group.