Bill Cassidy - Ranking Member of the Senate HELP Committee | Official U.S. Senate headshot
Bill Cassidy - Ranking Member of the Senate HELP Committee | Official U.S. Senate headshot
U.S. Senators Bill Cassidy, Mark Warner, John Cornyn, and Maggie Hassan have introduced legislation aimed at bolstering cybersecurity within the health care sector. This move comes as part of a bipartisan effort to protect Americans' health data from increasing cyber threats.
Dr. Cassidy emphasized the importance of this legislation, stating, “Cyberattacks on our health care sector not only put patients’ sensitive health data at risk but can delay life-saving care.” He underscored that the bill is designed to ensure that health institutions can better safeguard patient information.
Senator Warner highlighted the potential dangers posed by cyberattacks on health care systems. He remarked, “Cyberattacks on our health care systems and organizations not only threaten personal and sensitive information, but can have life-and-death consequences with even the briefest period of interruption.”
In support of modernizing cybersecurity practices in health care institutions, Senator Cornyn noted, “In an increasingly digital world, it is essential that Americans’ health care data is protected.” He described the legislation as "commonsense" and stressed its focus on agency coordination and assistance for rural providers.
Senator Hassan pointed out the challenges faced by medical providers in rural areas. She said, “Cyberattacks in the health care sector can have a wide range of devastating consequences...and it can be particularly difficult for medical providers in rural communities with fewer resources to prevent and respond to these attacks.”
The Health Care Cybersecurity and Resiliency Act of 2024 proposes several measures:
- Grants for health entities to improve cyberattack prevention and response.
- Training on cybersecurity best practices.
- Support for rural communities with best practices for breach prevention and resilience.
- Enhanced coordination between federal agencies like HHS and CISA.
- Modernized regulations for HIPAA-covered entities.
- A mandate for HHS to develop a cybersecurity incident response plan.
The need for such legislation is underscored by recent statistics from HHS, which reported that 89 million Americans had their health information breached in 2023. This figure represents more than double the number recorded in 2022. The financial impact of these breaches averages $10 million per incident, often resulting in significant disruptions or delays in patient care.
###
Alerts Sign-up