Mounting cyberattacks and data breaches impacting the U.S. healthcare sector, as evidenced by the massive Change Healthcare ransomware intrusion last year, have prompted Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Penn., to unveil the new Healthcare Cybersecurity Bill that seeks to bolster federal efforts against such threats, Infosecurity Magazine reports.
Under the legislation, both the Cybersecurity and Infrastructure Security Agency and the Department of Health and Human Services would be mandated to conduct cyber threat intelligence activities to improve health cyber risk awareness, as well as establish a risk management plan tailored to the sector, which includes best practices during and after cyber incidents. Moreover, CISA would be required to train healthcare organization owners and operators on cyber risk mitigation, as well as submit reports detailing their efforts in bolstering the sector's cyber threat readiness to Congress. "We're not just responding to attackswe're building the infrastructure to prevent them, protect patient privacy, and defend a vital pillar of our national security," said Fitzpatrick.
Under the legislation, both the Cybersecurity and Infrastructure Security Agency and the Department of Health and Human Services would be mandated to conduct cyber threat intelligence activities to improve health cyber risk awareness, as well as establish a risk management plan tailored to the sector, which includes best practices during and after cyber incidents. Moreover, CISA would be required to train healthcare organization owners and operators on cyber risk mitigation, as well as submit reports detailing their efforts in bolstering the sector's cyber threat readiness to Congress. "We're not just responding to attackswe're building the infrastructure to prevent them, protect patient privacy, and defend a vital pillar of our national security," said Fitzpatrick.
