New HITRUST Working Group Aims To Improve Health IT Security
January 16, 2015 in News
The Health Information Technology and Medical Device Integrity and Security Program was formed to respond to the lack of industry-wide standards for sharing vulnerabilities and best practices with other organizations, according to Health IT Security (Reardon, Health IT Security, 1/15). The group aims to avoid, report and mitigate vulnerabilities in the health care industry (HITRUST release, 1/15).
Members will include:
- Health IT vendors;
- Health IT users; and
- Medical device makers.
To improve health IT security, the group will collaborate with industry stakeholders to:
- Address concerns regarding health IT systems security and reliability;
- Boost awareness of users’ role;
- Create a framework to prevent and report vulnerabilities;
- Enhance communication; and
- Increase public trust in the industry (FierceHealthIT, 1/15).
HITRUST put together a steering committee to organize and manage the group. The committee will create an outline of goals and deadlines for the new group to meet. The members of the committee include:
- Carl Dvorak, president of Epic Systems;
- David Muntz, senior vice president and CIO at GetWellNetwork;
- Daniel Nutkis, CEO of the HITRUST Alliance;
- Karl Stubelis, vice president of athenahealth;
- Michael Wilson, vice president and CISO at McKesson; and
- Tony Gilman, CEO of Texas Health Services Authority (Health IT Security, 1/15).
Nutkis said the program will provide short-term and long-term benefits, “from better requirements and guidance to timely and consistent vulnerability reporting and disclosure” (FierceHealthIT, 1/15).