Censinet Delivers Freemium Support for Health Industry Cybersecurity Practices (HICP)
Post Summary
A free cybersecurity solution that automates the implementation of Health Industry Cybersecurity Practices (HICP). Helps healthcare organizations protect patient safety, operations, and data from cybersecurity threats. Streamlines compliance with HHS 405(d) guidelines through workflows, risk scoring, and reporting.
Provides free access to HICP assessments, risk scoring, and reporting tools. Automates workflows for internal audits and generates compliance reports for HHS, OCR, and insurance carriers. Reduces cybersecurity risks while demonstrating recognized security practices during audits or incidents.
HICP-based questionnaires tailored to organization size. Automated tracking of findings, remediations, and evidence capture. Executive dashboards for cyber posture insights and HICP coverage. Custom scheduling of assessments and reassessments to meet organizational needs.
HICP provides practical, industry-led guidelines to address the top five cybersecurity threats in healthcare. Compliance with HICP demonstrates strong cybersecurity practices, reducing enforcement fines and audit periods. Supports patient safety and care delivery by mitigating cyber risks.
The service is freely available to all healthcare delivery organizations. Organizations can sign up for free access at Censinet’s website.
HICP Assessments, Risk Scoring and Reporting Available to Healthcare Industry at No Charge
Boston, MA – June 28, 2022 – Censinet, a leading provider of risk management solutions for healthcare, today announced it is making the HHS 405(d) Program’s HICP publication available to all healthcare delivery organizations (HDOs) within a freely available version of Censinet RiskOpsTM. Designed to help HDOs protect patient safety, operations, and data from cybersecurity threats, Censinet RiskOpsTM for HICP streamlines and automates the Health Industry Cybersecurity Practices (HICP) into an easy-to-use and powerful workflow and reporting solution. With Censinet RiskOpsTM for HICP, healthcare organizations can demonstrate that they have adopted strong, recognized cybersecurity practices in the event of a cybersecurity incident and OCR audit.
“Today’s announcement aligns with our customers’ mutually-shared mission of protecting patient safety in healthcare,” stated Ed Gaudet, CEO and Founder of Censinet. “The last few years have been extremely difficult for healthcare providers and the industry at large. This is Censinet’s way of enabling the industry – physician practices, rural centers, community hospitals, ambulatory, and long-term care centers – to protect patients easily and affordably with the appropriate level of cyber hygiene and controls.”
The publication of the HHS 405(d) HICP in 2019 outlined a healthcare-specific approach to cybersecurity. Created in partnership with public and private organizations across the healthcare industry, HICP provides “practical, understandable, implementable, industry-led, and consensus-based voluntary cybersecurity guidelines to cost-effectively reduce cybersecurity risks” for “health care organizations of varying sizes.” To achieve this, HICP focuses on the five most prevalent cybersecurity threats and ten cybersecurity practices that address those threats.
“The Health Sector Coordinating Council (HSCC) Cyber Working Group (CWG) established HICP to reduce cybersecurity risk cost-effectively, support organizational adoption, and deliver actionable guidance for protecting patient safety and data,” said Erik Decker, Chief Information Security Officer at Intermountain Healthcare, Co-Lead of the 405(d) Task Group, and Chair of the HSCC CWG. “A freely available solution such as Censinet RiskOpsTM for HICP paves the way for all healthcare providers, regardless of size, to deploy HICP and reduce risks to patient safety and care delivery.”
Censinet RiskOps™ for HICP delivers assessment workflows that guide healthcare organizations through an internal audit that maps directly to the 405(d) HICP documentation. It automatically generates a report for your board or HHS that demonstrates your cyber posture. Key capabilities include:
- HICP-based questionnaires aligned to organization size
- Automated generation and tracking of findings and remediations
- Evidence capture to demonstrate best practice adoption
- Report generation for Department of Health and Human Services (HHS), Office for Civil Rights (OCR), and insurance
- Assessment segmentation for evaluating regional or practice area risk exposure
- Custom scheduling of assessments and reassessment to match organizational requirements
- Import of previous assessments for establishing a single repository
- Executive dashboard that reports on overall cyber posture
For more information on how healthcare organizations can reduce and avoid the impact of risk, please visit https://www.censinet.com/riskops-platform/hicp. Censinet RiskOpsTM for HICP is available now at no cost – to receive free access, sign up at: https://www.censinet.com/censinet-riskops-for-hicp-demo-request/.
About Censinet
Censinet, based in Boston, MA, enables healthcare organizations to take the risk out of their business with Censinet RiskOpsTM, the first and only cloud-based exchange that integrates and consolidates enterprise risk management and operations capabilities across critical clinical and business areas. RiskOps builds upon the Company’s foundational success with third-party risk management (TPRM) for healthcare. Censinet transforms healthcare risk by increasing productivity and operational effectiveness while eliminating risks to care delivery, data privacy, and patient safety. Find out more about Censinet and its RiskOps platform at censinet.com.
###
Contacts:
Censinet PR Team
public-relations@censinet.com
Twitter: twitter.com/censinet
LinkedIn: linkedin.com/company/censinet
Blog: censinet.com/blog
Key Points:
What is Censinet RiskOps™ for HICP, and why is it important?
- Censinet RiskOps™ for HICP is a free cybersecurity solution designed to help healthcare delivery organizations (HDOs) implement the Health Industry Cybersecurity Practices (HICP).
- It automates workflows, risk scoring, and reporting to protect patient safety, operations, and data from cybersecurity threats.
- Demonstrates compliance with HHS 405(d) guidelines and recognized cybersecurity practices during audits or incidents.
What are the key features of Censinet RiskOps™ for HICP?
- HICP-Based Questionnaires: Tailored to organization size for accurate assessments.
- Automated Tracking: Tracks findings, remediations, and evidence to demonstrate best practice adoption.
- Custom Scheduling: Allows organizations to schedule assessments and reassessments based on their needs.
- Executive Dashboards: Provides real-time insights into overall cyber posture and HICP coverage.
- Comprehensive Reporting: Generates reports for HHS, OCR, and insurance carriers to demonstrate compliance.
- Single Repository: Imports previous assessments to establish a centralized repository for risk management.
How does Censinet RiskOps™ for HICP benefit healthcare organizations?
- Free Access: Available at no cost to all healthcare delivery organizations, regardless of size or budget.
- Streamlined Compliance: Simplifies the implementation of HICP and compliance with HHS 405(d) guidelines.
- Improved Cybersecurity: Reduces risks from the top five cybersecurity threats in healthcare.
- Actionable Insights: Provides benchmarking and reporting to improve decision-making and cyber hygiene.
Why is HICP important for healthcare organizations?
- HICP Guidelines: Created in partnership with public and private organizations, HICP provides practical, industry-led guidelines to reduce cybersecurity risks.
- Focus Areas: Addresses the top five cybersecurity threats and ten actionable practices to mitigate those risks.
- Regulatory Compliance: Demonstrates recognized security practices, reducing enforcement fines and audit periods under HHS 405(d).
- Patient Safety: Supports care delivery by protecting sensitive data and reducing the impact of cyber threats.
What are the top five cybersecurity threats addressed by HICP?
- Email Phishing Attacks: Protects against malicious emails targeting sensitive information.
- Ransomware Attacks: Mitigates risks from ransomware that can disrupt care delivery.
- Loss or Theft of Equipment: Ensures safeguards for devices storing patient data.
- Insider Threats: Reduces risks from internal actors compromising security.
- Attacks Against Connected Medical Devices: Protects IoT devices critical to patient care.
How does Censinet RiskOps™ for HICP support compliance with HHS 405(d)?
- Automates internal audits that map directly to the 405(d) HICP documentation.
- Generates reports that demonstrate cyber posture and compliance with recognized security practices.
- Tracks progress over time, ensuring organizations meet the 12-month requirement for demonstrating security practices under Public Law 116-321.
How can healthcare organizations access Censinet RiskOps™ for HICP?
- The service is freely available to all healthcare delivery organizations.
- Organizations can sign up for free access at Censinet’s website
- Provides immediate tools and workflows to begin implementing HICP and reducing cyber risks.
