National Healthcare Workshop

The Department of Homeland Security (DHS) sponsored a National Healthcare Workshop in coordination with the Department of Health and Human Services (HSS) to encourage the automation of cyber-related information to protect against cyber threats and coordinate response within the health care sector. This workshop is part of a DHS Automated Indicator Sharing (AIS) effort to gain a focused understanding of the issues and challenges within and between the critical infrastructure sectors.

The goal of this workshop was to help DHS understand the organization’s current workflow and how AIS capabilities and information could be incorporated, as well as to increase the probability that shared information would be utilized. Other benefits include the identification of capabilities leading to new avenues of automation with broader information and course-of-action sharing.


DHS Goals

  • Define and document the automated information-sharing challenges in the health care sector.
  • Demonstrate joint outreach to a critical sector with the sector-specific agency (SSA).

HHS-Specific Goal

Within the health care community, enable private- and public-sector organizations at the federal, state, and local levels to improve cyber information-sharing capacity and coordinated responses by leveraging the work already being done or planned within the federal government and National Health Information Sharing and Analysis Center (NH-ISAC) community.


  • Education of participants: Information sharing resources available, and types of information being shared now and by whom.
  • Understanding processes and documenting gaps: What is needed in terms of process, information, tools, and services to make the situation better? How can we as a community lower the bar to sharing and overcome the hurdles?

HHS Workshop Agenda

Day 1: April 17, 2017

Time Event POC
8:00 a.m. – 8:30 a.m. Check-in All
8:30 a.m. – 9:00 a.m. Welcome and Facility information APL, CAC staff
9:00 a.m. – 9:40 a.m. Keynote speaker: Current cyber information sharing capabilities & unique challenges for the healthcare sector HHS, Steve Curren, Director for the Division of Resilience Office of Emergency Management Office of the Assistant Secretary for Preparedness and Response
9:40 a.m. – 10:15 a.m. National Cybersecurity and Communications Integration Center, AIS and future plans DHS NCCIC, Preston Werntz
10:15 a.m. – 10:30 a.m. Break All
10:30 a.m. – 11:00 a.m. Law Enforcement role and perspective on healthcare cyber information sharing FBI HQ, Caitlin Bataillon
11:10 a.m. – 11:50 a.m. HHS HCICC overview, capabilities and future plans HHS, Leo Scanlon
11:50 a.m. – 12:30 p.m. National Health-Information Sharing and Analysis Center role and future plans NH-ISAC, Ed Brennan
12:30 p.m. – 1:00 p.m. Lunch All
1:00 p.m. – 1:40 p.m. Health Information Trust Alliance and its Cyber Threat Exchange programs HITRUST, Elie Nasrallah
1:40 p.m. – 2:30 p.m. Wrap-up and Discussion

Day 2: April 18, 2017

Time Event POC
8:00 a.m. – 8:30 a.m. Check-in All
8:30 a.m. – 9:10 a.m. Keynote speaker: DHS Resources and Assistance DHS – Erin Shepley - Integrated Cybersecurity Services, FNR, Office of Cybersecurity and Communications
9:10 a.m. – 9:50 a.m. The NH-ISAC initiative to bring all levels of participants into the sharing community NH-ISAC, Ed Brennan
9:50 a.m. – 10:30 a.m. Healthcare information sharing at the state-level MD, Les Hawthorne, Maryland Coordination and Analysis Center (MCAC)
10:30 a.m. – 10:45 a.m. Break All
10:45 a.m. – 11:25 a.m. Law Enforcement resources for healthcare information sharing FBI, SA AmyLynn Errera
11:25 a.m. – 12:00 p.m. HITRUST services and the use of the CSF for small and medium organizations HITRUST, Bryan Cline
12:00 p.m. – 12:45 p.m. Final thoughts and wrap-up All