Senator Todd Young, US Senator for Indiana | Official U.S. Senate headshot
Senator Todd Young, US Senator for Indiana | Official U.S. Senate headshot
U.S. Senators Todd Young (R-Ind.), Jacky Rosen (D-Nev.), and Angus King (I-Maine) have introduced the bipartisan Healthcare Cybersecurity Act aimed at enhancing cybersecurity within the health care and public health sectors. This move follows recent cyberattacks, including a ransomware incident earlier this year on the health payment platform Change Healthcare, which exposed vulnerabilities in preparation and training for recovery.
“In recent years, hospitals and other health care facilities in Indiana and across America have experienced a dramatic increase in cyberattacks,” stated Senator Young. “Our bipartisan bill will take critical steps to strengthen cybersecurity infrastructure and better protect patients’ personal data.”
Senator Rosen highlighted the impact on smaller entities: “The health care industry is still reeling from recent cyberattacks, and rural and small health care entities in Nevada have been particularly affected. It’s imperative that we take measures to improve cybersecurity in the health care sector to prevent data breaches and protect Nevadans, which is why I’m introducing this bipartisan legislation. I’ll keep working to strengthen the cybersecurity of this critical sector and keep people safe from malicious actors.”
Senator King emphasized the national scope of the issue: “Healthcare cyberattacks are a growing threat nationwide, and also hit home for Maine, where several major healthcare systems have been compromised in recent years due to cybercrimes. These attacks and breaches of data can literally mean the difference between life and death for patients, significantly impact hospital operations, and — with the average hack costing millions to address — increase healthcare prices across the board. The bipartisan Healthcare Cybersecurity Act will take important steps toward protecting patients’ data and healthcare provider capabilities, and bolstering our cybersecurity infrastructure and response.”
The Healthcare Cybersecurity Act directs the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to collaborate on improving cybersecurity measures. It mandates making resources available to non-federal entities regarding cyber threat indicators and appropriate defense measures. Additionally, it establishes a special liaison to HHS within CISA to coordinate during cybersecurity incidents.
Full text of the legislation can be found here.
Alerts Sign-up