Biden Administration makes plans to strengthen cybersecurity

Following many of the startling cyberattacks, the Biden-Harris Administration is taking steps to bolster protections for Americans. 

What happened

Earlier this month, the administration released a new fact sheet, Biden-Harris Administration Bolsters Protections for Americans’ Access to Healthcare Through Strengthening Cybersecurity, that aims to address the potential harms of cyberattacks on hospital operations. 

The announcement comes after numerous cyberattacks against the US healthcare system that resulted in millions of Americans having their data stolen. In some cases, like the massive Change Healthcare breach, patients were left unable to receive prescriptions and hospitals could not process claims with insurance companies. In other instances, the aftermath plunged hospitals into financial distress, even resulting in closures. 

The fact sheet noted that cyberattacks specifically against the healthcare system have skyrocketed by approximately 128% between 2022 and 2023. According to the release, these attacks demonstrate the current “vulnerability of our hospitals and payment systems.” The report noted that the Change breach–although unnamed–resulted in providers having to “scramble for funding,” and other attacks have forced hospitals to redirect care. 

Now, the Biden-Harris administration is attempting to change the tide with new initiatives and partnerships.  

Going deeper

The brief discussed several steps the administration has taken to remedy current challenges, which include: 

• The creation of a healthcare cybersecurity gateway website in January that simplifies access to healthcare-specific cybersecurity information and resources. 
• A May 2024 meeting between the White House and high-level executives across the healthcare sector discussing current challenges, future partnerships, and how the public and private sectors can unite. 
• Plans to launch programming from the Advanced Research Projects Agency for Health (ARPA-H) that will invest over $50 million to create security tools for hospital information technology teams. 

As Paubox has previously covered, rural hospitals, or hospitals that are located more than 35 miles from another hospital, can have more difficulty recovering from breaches. If a breach results in a diversion, it can have a direct impact on patient care. To help improve security in these areas, members of the private sector are committing to the following:

• For certain hospitals, Microsoft is extending its nonprofit program to provide grants and discounts on security products designed for smaller organizations. 
• Google will provide endpoint security advice to rural hospitals and non-profit organizations at no cost. Eligible customers will also receive discounted tools and security support. Lastly, Google has committed to launching a pilot program with rural hospitals to develop a package of security capabilities to suit rural hospital news. 

Related: HIPAA Compliant Email: The Definitive Guide

The big picture

Initiatives from the administration show the growing national concern of healthcare cybersecurity. Massive data breaches have revealed the many existing vulnerabilities and their potentially devastating impacts on hospitals and patients. 

With the private and public sectors coming together, these initiatives could be a positive and driving force for the industry to improve cybersecurity practices. With the right tools and resources, every attack is preventable.