Paubox News | HIPAA Compliance, Email Security and Healthcare Tech

New bipartisan legislation targets healthcare cyber threats

Written by Farah Amod | July 25, 2024

A bipartisan group of U.S. senators has introduced legislation—the Healthcare Cybersecurity Act of 2024—to strengthen the resilience of the healthcare and public health (HPH) sector against cyber threats. This bill represents a step forward in the ongoing battle to protect sensitive patient data, safeguard healthcare operations, and ensure the continuity of medical services.

 

What happened

The Healthcare Cybersecurity Act of 2024 was introduced by Senators Jacky Rosen (D-NV), Todd Young (R-IN), and Angus King (I-ME) in response to the alarming rise in hacking incidents and ransomware attacks targeting the healthcare industry. These malicious cyber intrusions have compromised sensitive patient information and disrupted main healthcare services, with potentially life-threatening consequences.

The proposed legislation seeks to address these challenges by directing the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) to collaborate with the Department of Health and Human Services (HHS) in developing resources and support mechanisms for non-federal healthcare entities. This includes creating a dedicated CISA liaison to coordinate the government's response during cybersecurity incidents and provide tailored assistance to HPH sector organizations.

 

Going deeper

The Healthcare Cybersecurity Act of 2024 builds upon previous efforts to enhance the sector's cybersecurity posture. In 2022, Senator Rosen introduced a similar bill that, while failing to gain sufficient support at the time, has now been revived and strengthened through bipartisan cooperation.

The new legislation also aligns with the voluntary HPH Sector Cybersecurity Performance Goals (HPH-CPGs) recently published by the HHS Office for Civil Rights (OCR). These guidelines outline high-impact cybersecurity practices that healthcare organizations should prioritize to bolster their cyber preparedness and resilience. 

 

What was said

"It's imperative that we take measures to improve cybersecurity in the healthcare sector to prevent data breaches and protect Nevadans, which is why I'm introducing this bipartisan legislation," said Senator Rosen. "I'll keep working to strengthen the cybersecurity of this critical sector and keep people safe from malicious actors."

 

Why it matters

The introduction of the Healthcare Cybersecurity Act of 2024 represents a pivotal moment in the ongoing effort to safeguard the healthcare industry against the growing threat of cyberattacks. By fostering collaboration between CISA and HHS, the legislation tries to equip healthcare organizations with the necessary tools, resources, and support to enhance their cybersecurity posture and better protect sensitive patient information.

 

FAQs

What is the Healthcare Cybersecurity Act of 2024? 

The Healthcare Cybersecurity Act of 2024 is a bipartisan bill introduced by Senators Jacky Rosen, Todd Young, and Angus King. The legislation tries to improve cybersecurity in the healthcare and public health (HPH) sector by directing the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) to collaborate with the Department of Health and Human Services (HHS) in developing resources and support mechanisms for healthcare organizations.

 

Why is the Healthcare Cybersecurity Act of 2024 important? 

The Healthcare Cybersecurity Act of 2024 tries to strengthen the resilience of the healthcare sector against the growing threat of cyberattacks. These malicious intrusions have jeopardized patient safety and data privacy and have also disrupted main healthcare operations, leading to increased costs for patients and the broader healthcare system. The bipartisan nature of the legislation indicates the shared recognition among lawmakers of the urgent need to address this challenge and prioritize the security and resilience of the healthcare industry.

 

How will the Healthcare Cybersecurity Act of 2024 impact the healthcare industry? 

The Healthcare Cybersecurity Act of 2024 is expected to have a big positive impact on the healthcare industry by:

  • Equipping healthcare organizations with the necessary tools, resources, and support to enhance their cybersecurity posture and better protect sensitive patient information
  • Fostering collaboration between CISA and HHS to coordinate the government's response and provide tailored assistance during cybersecurity incidents
  • Ultimately, this would contribute to the overall security, resilience, and continuity of healthcare services, which could save lives and reduce the financial burden on patients and the healthcare system.