Validating Your Cybersecurity Preparedness with 405d HICP

A discussion on cyber hygiene practices that help reduce risk and increase resilience at your hospital

In 2021, cybersecurity breaches hit an all-time high, with 679 breaches affecting 45 million individuals in the U.S., an 84% increase in the total number of breaches since 2018.  Distributed care, remote working, telehealth and information-sharing mandates continue to accelerate and are expanding the attack surface at a rapid pace.

To help reduce this increased risk, the U.S. Department of Health and Human Services (HHS)  established the 405(d) Health Industry Cybersecurity Practices (HICP) Guide, which aligns with the National Institute for Standards and Technology (NIST) Cybersecurity Framework (CSF) and identifies ten practices that are tailored to small, medium, and large organizations.  The intent is to help today’s overtaxed  healthcare IT, Security, Privacy and Compliance teams to reduce their risk and increase resilience.  

Listen as David Ting, Founder and CTO of Tausight, Will Long, Chief Security Officer, First Health Advisory and Jen Ryan, SVP Marketing and Executive Customer Relations at Tausight discuss how to:

  • Navigate the 405d HICP and approaches that will reduce your organization’s risk – while helping to lower cybersecurity insurance rates and potential fines, as well as simplifying auditing and reporting
  • Determine the basic steps that you can take to improve your organization’s cybersecurity resilience
  • Learn ways to measure your organization’s performance against the 405d HICP

Speakers Include:

Due to technical difficulties, Aaron Miri was unable to make the webinar. You can hear an interview with Aaron on this topic here.

This 45 minute webinar was recorded 2pmET on June 29th

profile phot of David Ting

David Ting – Founder and CTO, Tausight

David Ting is the CTO/Founder of Tausight, a startup focused on reducing healthcare cyber incidents using a proactive, risk management philosophy. Working with an experienced healthcare team of technology innovators and backed by top-tier healthcare investors Polaris Partners and Flare Capital Partners, Tausight is working to solve an urgent pain point for digital health.

Previously, David co-founded Imprivata and built the technology behind the OneSign solution used extensively in healthcare. As director, he oversaw Imprivata’s evolution from a venture backed startup to a public company and subsequent private acquisition in 2016. David has more than twenty years of experience developing identity and security solutions for government and enterprise environments. 

In 2016, David was appointed by the U.S. Department of Health and Human Services to the Health Care Industry Cybersecurity Task Force, authorized under the Cybersecurity Information Sharing Act of 2015. He helped draft the recommendations for securing healthcare in the Cybersecurity Task Force Report submitted to Congress in 2017. David holds twenty-two US patents, with additional pending. David holds B.Eng and M.Eng degrees in Electrical Engineering from McGill University.

profile photo of Will Long

Will Long – Chief Security Officer, First Health Advisory

Will has spent 31 years in cyber-security and information technology. He has worked both in the provider and payer sectors of the healthcare industry for 29 of those years. During his career, he has held several information technology and security leadership roles, including VP & Chief Information Security Officer (CISO) for Children’s Health System of Texas and VP of Technology an Infrastructure at Baylor Scott & White health, where he was responsible for all technology supporting the hospitals and clinics, including the biomedical and imaging technologies. Will holds a B. S. Electronic Engineering Technology and a M.S. in Information Systems Management. In addition, Will holds CHISL, CISSP and CPHIMS certifications. Will is the former Board Chair of the Association for Executives in Health Information Security (AEHIS) and continues to serve as a board member.