HIROC joins fight for increased cyber safety in healthcare

HIROC signs the Declaration of Commitment to Cybersafe Healthcare

Friday, June 1, 2018 – Ed Corcoran / Michelle Holden

At the HealthCareCAN Canadian Summit for Healthcare Cyber Security in February, what became clear was that organizations are only as strong as their weakest link. These weak links can be departmental or process-specific, but they can also extend to vulnerabilities in the supply chain.

According to a survey undertaken by HealthCareCAN in May 2017, 8 in 10 health leaders and Canadians believe that Canada’s health sector is vulnerable to cyberattacks.

Health sector organizations, in particular, face increasing threats to their systems through social engineering, ransomware, hacking medical devices, or even something as simple as a USB key left in the parking lot. Hacking a healthcare facility is known as ‘Resource Hi-Jacking’ because these systems contain vast information related to PHI, banking, intellectual property and research. 

Better together

For HealthCareCAN, cyber resilience depends on the steps individuals and organizations take but also on shared action plans. The element of a shared action plan comes through in the Declaration of Commitment to Cybersafe Healthcare, introduced at the Summit in February. HealthCareCAN plans to launch the declaration formally at the National Health Leadership Conference (June 4-5).

To date 18 organizations have come together to form a group of founding signatories. For HIROC, being a part of this collective initiative – along with a number of our subscriber organizations – will inspire us to continue to innovate and find ways to reduce risk when it comes to cyber security in healthcare.

Organizations who sign the declaration commit to six tangible actions they can each take to increase cybersecurity preparedness and resilience:
  1. Champion: Championing cyber safety in Canada’s health sector;
  2. Inform: Ensuring leaders, staff, and partners are informed about the scope of the challenge and opportunities to mitigate risk;
  3. Contribute: Contributing to shared action plans that build resilience to cyberattacks;
  4. Advance: Progressing cyber safety in ways consistent with our mandates, considering opportunities for prevention, mitigation, preparedness, response, and recovery;
  5. Share: Sharing information, best practices, and tools with others within and beyond the health sector to build collective capacity and resilience; and
  6. Transparency: Publishing by Cybersecurity Awareness Month in October 2018 how we will apply these commitments in our unique context and/or with our community.
For HealthCareCAN, the hope in making these commitments and in sharing member organizations’ strategies to address them, is that the industry will be inspired to innovate when it comes to prioritizing resilience and response planning. Perfectly in line with HIROC’s vision, at its core this initiative is about partnering to create the safest healthcare system.

Questions about HIROC’s cyber coverage or our participation in the Declaration of Commitment to Cybersafe Healthcare can be directed to inquiries@hiroc.com.

Ed Corcoran is Manager, Reciprocal Operations, HIROC. Michelle Holden is Communications and Marketing Specialist, HIROC