The Health Sector Cybersecurity Coordination Center (HC3) is leading the charge for the U.S. Department of Health and Human Services in aiding the protection, coordination, and sharing of cybersecurity information to the Healthcare and Public Health (HPH) sector. HC3 achieves this through developing cyber-attack mitigation resources and fostering HPH sector collaboration and partnerships.
To support the defense of the healthcare and public health sector’s information technology infrastructure, by strengthening coordination and information sharing within the sector and by cultivating cybersecurity resilience, regardless of organizations’ technical capacity.
The Health Sector Cybersecurity Coordination Center (HC3) was established in response to the Cybersecurity Information Sharing Act of 2015. A federal law mandated to “improve the cybersecurity in the U.S. through enhanced sharing of information about cybersecurity threats, and for other purposes.”
In order to safeguard cybersecurity information sharing and improve the cybersecurity posture of the sector, the Department of Health and Human Services established the Health Sector Cybersecurity Coordination Center (HC3). HC3 was established to act as the coordinator of cybersecurity information sharing across the HPH sector and to affirm the protection of vital healthcare information and aid the sector in mitigating cyber-attacks through collaboration.
HC3 is the U.S. Department of Health and Human Services’ focal point for cybersecurity collaboration with the Healthcare and Public Health (HPH) sector, ensuring cybersecurity risks are actively identified and communicated with a centralized systematic operation of:
- Vigilance and Awareness
HC3's role is to work with the HPH sector to understand the threats it faces, learn adversaries' patterns and trends, and provide information and approaches to the sector on how it can better defend itself.
Addtionally, HC3 facilitates access to knowledge-based resources necessary to support robust cybersecurity programs, and mitigate dmamge in security breach situations.
HC3 helps to identify, correlate, and communicate cybersecuirty informaiton across the HPH sector
HHS partnerships with the industry to increase awareness and foster consistency with cybersecurity practices for a wide range of stakeholders.
There are key benefits of information sharing within the HPH sector for one, increased cybersecurity awareness across various stakeholder audiences, such as small, medium, and large healthcare organizations.
Another benefit is the increased vigilance and detection for sector defense, for example, a reduction of interrupted care delivery and patient safety and tactical defense measures and best practices.
Lastly, the information sharing within the HPH sector allows for an enterprise-level view of cybersecurity risk management it shows a holistic view of cybersecurity, rather than just an IT perspective.