The Health Information Trust Alliance (HITRUST) on Tuesday launched the HITRUST Cyber Threat Analysis Service (C-TAS), which it bills as a collaborative platform for cyber defense specific to the healthcare industry.

As a new component of HITRUST's Cybersecurity Incident Response and Coordination Center, the platform's participants include health systems, payers, pharmacy benefit managers, pharmacies and pharmaceutical manufacturers, as well as government organizations such as the Department of Health and Human Services and the Department of Veterans Affairs.

[See also: HITRUST launches cybersecurity center.]

“With tens of thousands of medical devices in use in our facilities across the country, being able to protect these devices from cybersecurity threats is a key priority for us,” said John Oswalt, associate deputy assistant secretary for Policy, Privacy & Incident Response, the Department of Veterans Affairs. “Having a resource that allows us to have a standardized approach to communicating and understanding security concerns with these devices and to collaborate with experts, device manufacturers and others in the industry to better protect them is a major step forward for the entire industry.”

By combining intelligence analysis capability with broad industry collaboration, HITRUST officials hope a "community defense" model can be achieved.

The C-TAS represents a major step for the healthcare industry in proactively protecting vital electronic health data and the nation’s critical infrastructure against cyber crime, cyber espionage and cyber activism, say HITRUST officials. The service also seeks to shore up vulnerabilities for electronic health record systems (EHRs) and medical devices.

“As EHR systems have evolved and matured into a critical component in the delivery and management of patient care, it is important that the method for managing and communicating security vulnerabilities matures as well,” said Michael Wilson, vice president and chief information security officer, McKesson. “McKesson is committed to working closely and effectively with our customers when it comes to security of our products. Helping establish a robust and uniform approach to vulnerability submission and reporting for EHRs benefits not only our customers, but the entire industry.”

Attacks against healthcare information systems, which are inherently vulnerable to unauthorized access and contain personal health information, consumer data, intellectual property and trade secrets, are increasing exponentially and becoming more sophisticated and targeted, HITRUST officials point out.

Data breaches in healthcare jumped more than 30 percent from 2010 to 2011 and the average economic impact of a data breach was $2.2 million, including an increase from 20 to 30 percent of respondents reporting criminal attacks as the root cause, according to the December 2011 Second Annual Benchmark Study on Patient Privacy & Data Security by Ponemon Institute.

With the Cyber Threat Analysis Service, HITRUST aims to deliver:

• A comprehensive set of cyber threat intelligence specific to the healthcare industry, monitoring for healthcare specific threats and risks;
• A trusted community-based platform, with vulnerability reporting, knowledge sharing and collaboration without attribution to victim organizations;
• Support of best practices, in the form of research, reports and briefings for multiple user groups, including operations, investigators, and chief information security officers.

Identified as one of the 18 critical infrastructure sectors by the Department of Homeland Security (DHS), healthcare and public health (HPH) constitutes 17 percent of the Gross National Product and protects all sectors of the economy. The sector is unique in that the vast majority of the assets are privately owned and operated, yet at the same time highly interconnected, making collaboration and information sharing between public and private organizations essential to increasing resilience of the nation's HPH critical infrastructure.

The HITRUST Cybersecurity Incident Response and Coordination Center is coordinating with the DHS for participation in the Critical Infrastructure Information Sharing and Collaboration Program (CISCP). In addition, it is developing processes for information sharing with the Homeland Infrastructure Threat and Risk Analysis Center (HITRAC) in order to enable greater collaboration and information sharing between industry and government, and to enable better preparedness and response to threats targeted against all of critical infrastructure, including the healthcare industry and its assets.

“When the first discussions occurred last year on the creation of an industry C-TAS, I strongly supported the goal as I saw this as a crucial tool for the industry,” said Roy Mellinger, vice president and chief information security officer, WellPoint. “The resources offered from threat intelligence and analysis targeted specifically at healthcare and healthcare related systems to threat reports and alerts allows every organization to benefit by making information more targeted, readily accessible and meaningful.”

[See also: HITRUST makes updates to Common Security Framework.]

The HITRUST C-TAS is the result of a partnership with iSIGHT Partners, a global cyber intelligence firm supporting leading commercial entities and federal, state, and local government organizations.

“Cyber threats targeting the healthcare sector are very unique and it’s important to craft sector-specific threat intelligence capabilities and products,” said John Watters, CEO of iSIGHT Partners. “‘One company’s detection is the next company’s prevention,’ and in this spirit we are working together as a community and leveraging our collective capabilities and insights to help the industry navigate its adaptive threat environment.”

“The level of collaboration we are experiencing across the healthcare industry and with government agencies, EHR vendors and medical device manufacturers is unprecedented and reflects the importance to the industry,” said Daniel Nutkis, chief executive officer, HITRUST. “The HITRUST C-TAS is a major step forward in the availability of tools and knowledge for organizations to prepare and respond to cyber incidents, and to better protect this critical industry."