The Cybersecurity and Infrastructure Security Agency would work with Health and Human Services to secure Americans’ healthcare data from hackers under a bill that was presented this month in the U.S. House of Representatives.
According to HHS data, healthcare facility intrusions increased by 55% in 2020, impacting roughly one million people each month. Rep. Jason Crow commented in a statement regarding the bill cosponsored by Rep. Brian Fitzpatrick that cyberattacks on hospitals and health facilities are becoming increasingly regular and they are driving up healthcare expenses.
The congressman’s proclamation mentions the rising frequency of malicious attacks, which eventually have an impact on patient health outcomes in addition to rising healthcare delivery costs.
Sen. Jacky Rosen sponsored the bill and a counterpart measure in the Senate in March, and both state that information sharing and engagement between the public and private sectors are vital to enhancing cyber resilience for health-focused businesses. The Healthcare Cybersecurity Act would necessitate cooperation between CISA and HHS through the signing of a contract to enhance cybersecurity as specified by CISA.
The federal cybersecurity agency would complete a thorough analysis of hazards related to healthcare data and assets, information system security difficulties in the industry, and cybersecurity manpower shortages within a year of the legislation’s bipartisan passage.
In particular in rural and small to medium-sized healthcare and public sector systems, CISA would address workforce training, recruitment, and retention concerns in the healthcare cybersecurity field and give recommendations for how to overcome them. Additionally, the law would allow healthcare asset owners to receive cybersecurity training on cybersecurity risks and mitigation techniques.
According to the legislation’s supporters, there have been roughly three times as many breaches of sensitive health data in the past three years. Hospital boards are investing more money in cybersecurity as a result of the rise and the well-reported events in order to manage care disruptions and defend interoperable electronic health records and other data sources.
According to Steve Smerz, CISO at Halo Health, a clinical collaboration platform, hospitals are adjusting to the surge in ransomware by increasing redundancy, using cloud tools, and trying to put bring-your-own-device policies in place to make care teams use their devices to collaborate over cellular networks when WiFi networks become unavailable. He said in an interview that a clinical collaboration platform enables team members to proceed with conversations in real time to deliver and act on mission-critical data, such as stroke and sepsis alerts, regardless of whether the organisation tends to rely on shared devices, BYOD, or other mobile device strategies.
In order to lessen the effects of a data leak, larger healthcare institutions are also countering cyberattack dangers with additional training. According to Fitzpatrick, a hack in 2021 exposed the health information of 46 million Americans. They must confront the growing number of attempted attacks on hospitals and health facilities.
