Another House bill aims to protect against cyberattacks on hospitals
More than 250 hospitals were targeted by ransomware attacks in 2023, the office of Rep. Robin Kelly, D-Ill., notes, representing a 128% increase over the previous year.
As has been shown time and time again, these attacks, in addition to being expensive, are devastating and debilitating, sometimes lasting for weeks, delaying critical medical procedures, interrupting the flow of patient care, canceling medical appointments and overwhelming staff.
Kelly has introduced a new bill that she says should help improve cybersecurity preparedness for small hospitals that are more vulnerable to ransomware and other cyberattacks.
Why does it matter?
Ha Newly introduced legislationThe Healthcare Cybersecurity Improvement Act (H.R. 10455) contains four key provisions:
- It provides for the establishment of the Healthcare Cybersecurity Coordination Center (HC3) so that the office can continue its work of providing information and resources to providers.
- It creates a seed grant program, with up to $100 million in funding, to bolster cybersecurity efforts at small and medium-sized hospitals.
- It requires HHS to establish core cybersecurity standards to then be included as a condition of participation for hospitals that receive Medicare funding.
- It creates liability protection so that larger health care systems can provide smaller health centers with access to cyber resources without fear of liability.
Read the full text of the bill here.
“When patients put their health in the hands of doctors and health care providers, they are also entrusting most of their private data to hospital cybersecurity systems — and the reality is that these systems are not up to par,” Kelly said in a statement.
The biggest trend
The new draft law has the support of the volunteer cybersecurity organization Ai I Cavalrywhich is committed to enhancing cybersecurity for connected medical devices, IT infrastructure and other mission-critical technologies.
Cybercriminals “show no signs of stopping,” Joshua Korman, co-founder of I Am the Cavalry, said in a statement. “These attacks cause deterioration in patient care with measurable increases in deteriorating outcomes and even loss of life. Congresswoman Robin Kelly has continually engaged with ethical hackers through I Am the Cavalry to close these gaps toward greater resiliency in small, medium, and rural healthcare facilities.” “So every American can count on timely access to emergency care.”
Kelly’s bill isn’t the only recent congressional filing focused on lending a helping hand to health systems trying to protect against cyberattacks. In the Senate, the Healthcare Cybersecurity and Resilience Act of 2024 would provide grants to help healthcare organizations strengthen prevention and response — and push for better coordination between HHS and CISA.
Additionally, a public-private partnership—the White House, Microsoft, Google, the American Hospital Association, and the National Rural Health Association—collaborated earlier this year on an initiative to provide grants, free advice on endpoint security and other resources for critical access emergency hospitals. .
registered
“It has become painfully clear that hospitals need better standards and investments to help ward off cyberattacks, especially smaller hospitals that need greater capabilities and expertise,” Kelly said in a statement. “Americans undergoing surgery or rushing to the hospital for an emergency should not have to worry about whether their doctor’s medical equipment has been compromised or care delayed due to a ransomware attack.”
Mike Millard is executive editor of Healthcare IT News
Email the writer: mike.milliard@himssmedia.com
Healthcare IT News is a HIMSS publication.