– The public-private sector Healthcare and Public Health Sector Coordinating Council (HSCC) has released the Medical Device and Health IT Joint Security Plan (JSP), which contains recommendations for managing medical device security in clinical practice.
Developed over the past year, the plan is a reference guide for developing, deploying, and supporting secure medical devices and health IT products in the healthcare environment. The plan was developed by medical device manufacturers, healthcare IT vendors, healthcare providers, and the federal government.
The JSP developed from a set of recommendations issued in June 2017 by the Health Care Industry Cybersecurity (HCIC) Task Force, which urged increasing the security and resilience of medical devices and health IT. The HCIC was established by HHS at the direction of the Cyber Security Act of 2015.
“You have the three major stakeholders [device makers, healthcare providers, and the FDA] in this process with an incentive to find a solution that is scalable, from small to mid-sized hospital organizations and medical device makers,…