In response to the rising numbers of cyber-attacks across critical infrastructure, the U. S. Health and Human Services created the 405(d) Task Group to align and improve the security posture of the healthcare sector. The Task Group published the Health Industry Cyber Practices (HICP) to serve as a guide for aligning and improving healthcare cyber resilience and securing the continuum of patient care.
The HICP 2023 Edition outlines the top 5 cyber threats healthcare organizations face and provides a framework of 10 best Practices to address and mitigate those threats. To help prioritize core HICP Practices, the Cybersecurity Performance Goals (CPGs) were published as a focused subset of high-impact HICP Practices.