American Hospital Association, (AHA) this week voiced support for the Healthcare Cybersecurity Act (S.3904), legislation that would improve collaboration and coordination between the Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services. The bill also would authorize cybersecurity training and an analysis of cybersecurity risks for the healthcare and public health sector, with a focus on impacts to rural hospitals, medical devices and cybersecurity workforce shortages.
John Riggi, AHA’s national advisor for cybersecurity and risk, was privileged to participate in early discussions that helped inform elements of the bill and bring to light the serious cybersecurity threats and challenges facing the field.
“Great strides have been made by hospitals and health systems to defend provider networks, secure patient data, preserve health care delivery and, most importantly, protect patient safety,” AHA said in a letter to the bill’s sponsors, Sens. Jacky Rosen, D-Nev., and Bill Cassidy, R-La. “This bill takes first steps towards addressing many of the cybersecurity challenges facing hospitals and health systems. We also support the development of coordinated national defensive measures, an expansion of the cybersecurity workforce, disruption of bad actors that target U.S. critical infrastructure, and the utilization of a ‘whole of government’ approach to increasing risk and consequences for those who commit attacks.”
The Senate Committee on Homeland Security and Governmental Affairs is scheduled to mark up the bill on Wednesday.