“By enabling these organizations to ensure secure products and services from their suppliers, we will leverage market forces to raise the bar across the healthcare supply chain to the benefit of all.” said Greg Garcia, HSCC executive director of its Cyber Security Working Group.
The toolkit is aligned to the new Supply Chain requirements within the 2018 update to the NIST Cyber Security Framework, and provides concrete guidance on process and governance, as well as practical tools such as contractual language for different supplier relationship types, risk assessment, and supplier inventory templates and policy examples. Co-chaired by Darren Vianueva of Trinity Health and Chris van Schijndel of Johnson & Johnson, the Supply Chain Security task group that developed the toolkit is made up of more than 40 supply chain and cybersecurity professionals from a broad spectrum of health sector organizations.
While it is primarily written for small and medium sized organizations, the guide also makes a call to action for large healthcare organizations, associations, and consultancies to raise awareness and encourage adoption across the sector.
To access and download a copy of the HIC-SCRiM, go to https://HealthSectorCouncil.org/HIC-SCRiM.