Skip over global navigation links
U.S. Department of Health and Human Services

Key Initiatives

1. Risk Assessment

  • The CIP Program, as the Sector Specific Agency for the Healthcare and Public Health Sector, participates in a number of risk related initiatives in partnership with the Department of Homeland Security Office of Infrastructure Protection. The Risk Integration and Analysis Branch (RIAB), within the DHS Office of Infrastructure Protection, performs infrastructure-related decision support analysis and prioritization for Federal, State, local, tribal, territorial, and private sector partners through its four major program areas, the:
    • National Critical Infrastructure Prioritization Program (NCIPP):
      1. 1. Tier 1/Tier 2 Program
      2. 2. Critical Foreign Dependencies Initiative (CFDI)
    • National Infrastructure Risk Analysis Program, including the Strategic Homeland Infrastructure Risk Assessment (SHIRA) process;
    • Infrastructure Risk Analysis Partnership Program (IRAPP); and
      Critical Infrastructure Futures Analysis Program.
  • RIAB’s vision is to lead a public and private sector analytic network capable of anticipating the decision making requirements of the infrastructure protection community.

2.  Cybersecurity

  • The HHS CIP Program and the Healthcare and Public Health sector is an active member of the Cross-Sector Cybersecurity Working Group (CSCSWG) and other cybersecurity initiatives. In addition to addressing cybersecurity issues among private and public sector partners, the program also serves as the link between HHS cybersecurity initiatives and our sector security partners.

3. Operations

  • The HHS CIP Program is an active participant in the Secretary’s Operations Center during emergencies. It serves as the primary conduit between the Department of Homeland Security National Infrastructure Coordination Center and HHS. In addition, it assists in integrating private sector partners into the preparedness, response, and recovery cycle by serving as an information sharing node for all of the diverse entities through the sector.

4. Working Groups

  • The Healthcare and Public Health (HPH) Sector partnership brings together leaders in business and government to prepare for and protect against all hazards facing the Sector. The CIP framework focuses on protecting HPH organizations themselves during a disaster, so that they may focus on their mission of saving lives. The partnership identifies and prioritizes the most critical elements of the Nation's HPH infrastructure, shares information on risks facing that infrastructure, and implements activities to protect the Sector. The HPH Sector partnership consists of a Government Coordinating Council of government partners and Sector Coordinating Council of private sector partners. These two groups come together through four joint working groups to address issues of mutual concern. All public and private sector members of the HPH Sector with a role in the HPH Sector’s homeland security mission are invited to take part in one or more of the joint working groups. The sector working groups include:
    • Cybersecurity Working Group:  The Cybersecurity Working Group (CSWG) directs the HPH sector’s cybersecurity analysis, education, and awareness efforts, to include coordinating with the Risk Management Working Group to provide cybersecurity expertise for the sector’s risk management objectives. The group will develop informational guides, vet cybersecurity situational reports, determine best practices and make recommendations towards cybersecurity standards for the HPH sector.
    • Information Sharing Working Group:  The Information Sharing Working Group (ISWG) advises the Healthcare and Public Health Sector and Government Coordinating Councils on the critical infrastructure information needs of the sector and recommends processes for obtaining that information and sharing it with the sector during steady state and incident response. The ISWG also monitors the sector’s Homeland Security Information Network (HSIN-HPH) portal in order to improve its effectiveness and organization, and to disseminate healthcare-related documents, materials and announcements. Future projects include, but are not limited to, improving information sharing with other critical infrastructure sectors, development of a sector communications flow chart, and the development of an after-action analysis for information sharing during National Level Exercise 2011.
    • Research and Development Working Group:  The Research & Development Working Group (RDWG) provides research recommendations to the Healthcare and Public Health Sector to address Sector priorities and identified gaps. Its goal is to promote Sector continuity and resilience during steady state and incident response. In the coming year, the RDWG will form two to three sub-workgroups to develop specific information products to assist the healthcare and public health community in critical infrastructure protection. Topics for these sub-workgroups may include developing products to analyze and address Sector dependencies on energy, water, and the medical supply chain.
    • Risk Management Working Group:  The Risk Management Working Group (RMWG) will take the lead in implementing the National Infrastructure Protection Plan (NIPP) Risk Management Framework. The Risk Management Framework is a six step continuous improvement process designed to enhance protection of critical infrastructure and key resources. The RMWG will collaborate with a wide range of stakeholders to identify assets, systems, and networks that are critical to HPH sector operations, in both steady-state and incident response situations. One of the key outputs of the RMWG will be a consensus-developed list of the most critical assets, systems, and networks within the HPH sector. This represents the beginning of a multi-year process to use risk information to support a wide range of risk-informed decisions within the sector.
    • Sector Specific Metrics Working Group:  Measuring effectiveness is a key component of the NIPP Risk Management Framework. Knowledge gained from this effort is intended to help assess progress toward security goals. Metrics provide a foundation for establishing a baseline of current performance, and demonstrating that objectives are being met or that gaps exist in infrastructure protection and consequence reduction. The National Infrastructure Protection Plan (NIPP) specifically requires each sector to develop sector-specific metrics that are tailored to its infrastructure and unique operating characteristics.

For more information, you can contact the CIP Program at CIP@hhs.gov.

  • This page last reviewed: July 07, 2011