Content created by Office of the Chief Information Officer (OCIO)
Contact Us
The Health Sector Cybersecurity Coordination Center (HC3) is a leading resource for cybersecurity information sharing and technical-based resources to help mitigate cyber breaches. If you cannot find what you are looking for, have questions about any of our resources, or would like more information about HC3, please contact us.
HC3 Hours
Monday - Friday, 9 AM to 5 PM EST
HC3@hhs.gov, opens in a new window
Subscribe to Our Alerts by Joining Our Distro:
HC3@hhs.gov, opens in a new window
Partners
Aligning Healthcare Industry Security Approaches (405(d), opens in a new tab)
The 405(d) Program and Task Group is a collaborative effort between industry and the federal government, which aims to raise awareness, provide vetted cybersecurity practices, and move organizations towards consistency in mitigating the current most pertinent cybersecurity threats to the sector. The 405(d) Program aims to develop consensus-based guidelines, practices, and methodologies to strengthen the healthcare and public health (HPH) sector's cybersecurity posture against cyber threats.
Administration for Strategic Preparedness and Response (ASPR, opens in a new tab)
The Administration for Strategic Preparedness and Response (ASPR) leads the nation's medical and public health preparedness for, response to, and recovery from disasters and public health emergencies. ASPR collaborates with hospitals, healthcare coalitions, biotech firms, community members, state, local, tribal, and territorial governments, and other partners across the country to improve readiness and response capabilities.
Cybersecurity and Infrastructure Security Agency (CISA, links to an external website)
The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation's risk advisor, working with partners to defend against today's threats and collaborating to build more secure and resilient infrastructure for the future. The threats we face—digital and physical, man-made, technological, and natural—are more complex, and the threat actors more diverse, than at any point in our history. CISA is responsible for protecting the Nation's critical infrastructure from physical and cyber threats. This mission requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.
Federal Bureau of Investigation (FBI, links to an external website)
The Federal Bureau of Investigation's (FBI) mission is to protect the American people and uphold the Constitution of the United States. FBI is an intelligence-driven and threat-focused national security organization working around the clock and across the globe to protect the U.S. from cyber-attacks, major criminal threats, and terrorism. FBI works with both government and private sector partners every day and at every level—local, state, federal, tribal, and international to help them better understand emerging threats and foster crime prevention initiatives.
HHS Office of Inspector General (OIG, opens in a new tab)
The HHS Office of Inspector General's (OIG) mission is to protect the integrity of Department of Health & Human Services (HHS) programs as well as the health and welfare of program beneficiaries. HHS OIG is the largest inspector general's office in the Federal Government, with approximately 1,600 dedicated to combating fraud, waste and abuse and to improving the efficiency of HHS programs. OIG develops and distributes resources to assist the health care industry in its efforts to comply with the Nation's fraud and abuse laws and to educate the public about fraudulent schemes so they can protect themselves and report suspicious activities.
The Healthcare and Public Health Sector Coordinating Council (HSCC, links to an external website, opens in a new tab)
The Healthcare and Public Health Sector Coordinating Council (HSCC) is a coalition of industry associations and their members. It has been a platform for collaboration among healthcare industry leaders and the government for more than a decade to address the most pressing security and resiliency challenges to the healthcare sector as a whole. Specifically, your organization is part of an interdependent ecosystem that is facing increasingly sophisticated operational and cybersecurity threats and vulnerabilities that can cascade across the value chain of the healthcare sector, ultimately affecting patient safety, security and privacy. It is our collective responsibility to deliver industry-wide policy and operational solutions to this shared challenge. When combined with government partners, we are the Joint Cybersecurity Working Group.