Senators introduce bill to bolster healthcare cybersecurity

Regulators continue to take an interest in healthcare cybersecurity after the February breach of Change Healthcare, which exposed tens of millions of medical records to hackers and slowed reimbursement nationwide.

A bipartisan group of Senators have introduced the Healthcare Cybersecurity Act (S. 4697), which would direct the U.S. Department of Health and Human Services (HHS) and Cybersecurity and Infrastructure Security Agency (CISA) to provide resources and develop strategies to improve the cyber-defenses of healthcare entities. 

Further, the bill would create a special liaison to HHS within CISA to help the two agencies to coordinate with each other and best leverage private and public resources to respond quickly to cyberattacks as they happen. 

The bill is co-sponsored by Senators Jacky Rosen (D-NV), Todd Young (R-IN) and Angus King (I-ME).

“Healthcare cyberattacks are a growing threat nationwide, and also hit home for Maine, where several major healthcare systems have been compromised in recent years due to cybercrimes,” King, co-chair of the Senate Cyberspace Solarium Commission said in an announcement. “These attacks and breaches of data can literally mean the difference between life and death for patients, significantly impact hospital operations, and—with the average hack costing millions to address—increase healthcare prices across the board.”

King added that the Healthcare Cybersecurity Act would “take important steps toward protecting patients’ data and healthcare provider capabilities,” in addition to improving security infrastructure and response time.

The announcement from Rosen, Young and King cited the Change Healthcare breach as a reason for the introduction of their bill, noting its ongoing impact shows a “lack of preparation and training during the recovery process” on behalf of healthcare organizations. 

The trio was able to get the endorsement of multiple academic and provider groups. 

“As Dean of the Kirk Kerkorian School of Medicine at UNLV, we wholeheartedly support Senator Jacky Rosen’s proposed legislation to enhance the cybersecurity of the Healthcare and Public Health Sector,” Marc Kahn, dean of the University of Nevada Las Vegas Medical School, said in the announcement. “This critical initiative addresses the increasing threats to our healthcare infrastructure, ensuring the protection of sensitive patient data and the integrity of our medical systems.”

“By implementing comprehensive cybersecurity measures, this legislation will not only safeguard our healthcare facilities but also enhance the overall quality of care and patient outcomes,” Khan added. 

The Healthcare Cybersecurity Act was introduced on July 11. 

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Around the web

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met. 

When regulating AI-equipped medical devices, the FDA might take a page from the Department of Transportation’s playbook for overseeing AI-equipped vehicles. These run the gamut from assisting human drivers to fully taking the wheel. 

Kit Crancer, RBMA board member, speaks with Radiology Business about key legislative developments on the Hill that will affect the specialty.