Lawmakers are addressing the growing number of cyber threats in healthcare with new bipartisan legislation. The Healthcare Cybersecurity Act aims to strengthen cybersecurity in the healthcare industry by mandating collaboration between the US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS).
The proposed Healthcare Cybersecurity Act focuses on improving the defense mechanisms within the healthcare sector. The bill, introduced by a group of bipartisan senators, requires CISA, part of the Department of Homeland Security, to work closely with HHS. This partnership aims to enhance the cybersecurity framework in healthcare and provide vital resources to combat cyber threats.
Additionally, the bill proposes the creation of a special liaison within CISA to coordinate response efforts during a cyberattack. This role will be pivotal in streamlining communication and actions between the two agencies during crises.
XTALKS WEBINAR: Cybersecurity in Healthcare – How it Started, How it is Going and Why it Matters
Live and On-Demand: Tuesday, August 13, 2024, at 1pm EDT (10am PDT)
Register for this webinar today to understand the importance of cybersecurity in healthcare and explore the delicate balance between operational efficiency and data protection in life-saving environments.
The bill’s co-sponsors include Senators Jacky Rosen, Todd Young and Angus King. Senator Rosen emphasized the urgency of the bill, particularly for rural and small healthcare entities in Nevada, which have been significantly impacted by recent cyberattacks. She stressed the importance of the legislation in preventing data breaches and protecting healthcare providers and patients from malicious actors.
Rising Healthcare Cybersecurity Threats
The urgency of the Healthcare Cybersecurity Act is underscored by a dramatic rise in cyberattacks on the US healthcare system. In 2023, known cyberattacks increased by 128 percent from the previous year, according to the Office of the Director of National Intelligence.
One of the most significant attacks occurred in February when the ransomware group ALPHV breached Change Healthcare, a major records and payment manager. The attack led to delayed prescriptions and paychecks for healthcare workers. Change Healthcare, a subsidiary of UnitedHealth Group, processes about 14 billion transactions annually, accounting for roughly six percent of all payments in the US healthcare system. UnitedHealth Group confirmed it paid a ransom following the attack.
Related: Top Healthcare Ransomware Attacks in Recent Years
Vulnerability of Rural Facilities
Rural healthcare facilities are particularly vulnerable to cyber threats and attacks. One of the significant challenges for smaller healthcare organizations and hospitals is the lack of resources, expertise and personnel to implement necessary cybersecurity measures. There’s a need for accountability, email protection, vulnerability management, risk analysis and experienced security staff.
In June, the White House announced partnerships with Microsoft and Google to provide free or discounted cybersecurity services to protect these vulnerable hospitals. This initiative is crucial as these facilities often lack the resources to defend against sophisticated cyberattacks.
The Healthcare Cybersecurity Act represents a crucial step towards strengthening the cybersecurity infrastructure within the healthcare sector. By fostering collaboration between CISA and HHS, the bill aims to provide the necessary resources and coordinated response mechanisms to defend against escalating cyber threats. As cyberattacks continue to rise, this legislation is vital in protecting healthcare entities and ensuring the safety of patient data across the US.
If you want your company to be featured on Xtalks.com, please email [email protected].
Join or login to leave a comment
JOIN LOGIN