CISA expiration and healthcare IAM: what resilience gaps teams must close


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8473
Topic starter  

TL;DR: CISA 2015’s expiration leaves healthcare delivery organizations with less legal certainty around threat sharing and greater pressure to harden identity, access, and coordination controls across EHRs, shared workstations, and mobile workflows, according to Imprivata. The governance gap is no longer just information sharing, but whether identity programmes can support fast, compliant response under regulatory uncertainty.

NHIMG editorial — based on content published by Imprivata: How Healthcare Organizations Can Build Cyber Resilience After CISA’s Expiration

Questions worth separating out

Q: How should healthcare organisations strengthen identity controls after CISA expiration?

A: Healthcare organisations should tighten identity, credential, and session governance across EHRs, shared workstations, and mobile programmes so resilience does not depend on the certainty of external threat-sharing protections.

Q: Why do shared clinical systems increase cyber resilience risk?

A: Shared clinical systems increase risk because one credential, session, or access mistake can affect multiple users and care workflows.

Q: How can zero trust be applied in healthcare without disrupting care delivery?

A: Zero trust should be applied at the point of use, with policy that reflects clinical context rather than a generic deny-by-default posture.

Practitioner guidance

  • Harden clinical identity boundaries: review how users move between EHRs, shared workstations, and mobile programmes, then remove any implicit trust that survives between sessions or devices.
  • Extend continuous access monitoring: monitor privileged and routine access patterns across shared clinical systems so anomalies are visible before they become care disruptions.
  • Operationalise zero trust at the point of use: apply zero-trust checks where access is actually consumed, not only at initial authentication.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

  • Practical guidance for healthcare leaders on aligning identity controls with NIST and HIPAA expectations in real clinical environments.
  • The article's discussion of shared workstations, mobile programmes, and EHR access as the highest-friction identity surfaces.
  • Imprivata's perspective on collaboration across healthcare organisations after CISA expiration and what that means for response speed.
  • The source also expands on how digital identity and access management can support secure, efficient access during regulatory uncertainty.

👉 Read Imprivata's guidance on healthcare cyber resilience after CISA expiration →

(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 7853
 

Healthcare resilience now depends on identity control, not just information-sharing policy. CISA’s expiration changes the operating context, but it does not change the fact that clinical systems are governed through identity, access, and workflow boundaries. When collaboration protections become less certain, organisations that already struggle with shared access, credential sprawl, and inconsistent monitoring will feel the gap first. The implication is that resilience programmes must treat identity governance as a frontline operational control, not a compliance afterthought.

A few things that frame the scale:

  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.

A question worth separating out:

Q: Who is accountable when healthcare threat sharing slows after legal changes?

A: Accountability sits with the organisation’s security, identity, and compliance leaders to ensure resilience controls still function when sharing models change. The relevant governance question is not whether legal protections remain static, but whether the programme can detect, contain, and recover quickly enough to protect patient care.

👉 Read our full editorial: Healthcare cyber resilience after CISA expiration needs stronger identity controls
