Health-ISAC updated the white paper on best practices for information sharing within the healthcare sector for 2023.
On September 05, 2023, Health-ISAC released an updated version of the 2020 Information Sharing Best Practices white paper. The 2023 updates feature several additions, including a new information sharing type — Threat Defender Content and Resources Sharing, thoughts on legal protections with respect to information sharing & GDPR, and new case studies to provide solid examples of good information sharing.
This paper is meant to assist organizations considering participating in sector-specific information-sharing communities.
Information-sharing programs produce significant benefits at minimal risk for the organizations that participate. This document provides Healthcare organizations with a set of guidelines and best practices for efficient and effective information-sharing strategies. It addresses barriers to information sharing often found in laws, regulations, corporate policies, or management support and will help organizations overcome these obstacles.
Key Takeaways:
Types of Shared Threat Intelligence
~ Includes strategic, tactical, operational, technical and open source intelligence
Industry Best Practices
~ Learn the best practices for sharing information within the healthcare industry
Incident Response Sharing
~ Tips for Incident response information sharing
Shared Media Response
~ Learn how to leverage industry peers and shared media response to large events
We encourage HPH information sharing organizations to use this document as the basis of their own Information Sharing Best Practices Guideline. Organizations can customize the content provided here for their own information sharing environment.
Abstract
Information sharing programs, when done properly, produce significant benefit at low risk for the organizations that participate. This document provides Healthcare and Public Health Sector (HPH) organizations with a set of guidelines and best practices for efficient and effective information sharing. It addresses real and perceived barriers to information sharing that are often found from laws, regulations, corporate policies or management support, and will help organizations work through these obstacles.