Federal News Network: Bipartisan bill would put HHS IG in key role following Change Healthcare incident

JUSTIN DOUBLEDAY, FEDERAL NEWS NETWORK

As the health sector continues to be targeted by hackers, lawmakers have coalesced around a bipartisan bill to boost healthcare cybersecurity through routine evaluations by the Department of Health and Human Services’ inspector general.

Several House lawmakers earlier this month introduced the “Strengthening Cybersecurity in Health Care Act.” A bipartisan companion bill in the Senate was released earlier this year.

The bill would require the HHS IG to routinely probe the cyber defenses of healthcare IT systems, through penetration tests and other measures. The testing would evaluate whether the systems are secure enough to prevent compromises that could either expose patient data or impact patient safety, according to the bill.

The legislation would apply to systems involved in “processing, transmitting, or storing mission critical or sensitive data by, for, or on behalf of” HHS.

While the bill ties the requirements to HHS-related data, the department’s central role in the U.S. health system, including through the Centers for Medicare & Medicaid Services, means such a testing regime could have far-reaching implications.

Rep. Abigail Spanberger (D-Va.), one of the sponsors of the bill, recently suggested it could help raise cybersecurity standards across the health sector.

“This would be in terms of how we are setting standards for American patients’ healthcare data,” Spanberger said in an interview on the Federal Drive with Tom Temin. “And so recognizing the standards related to how that data is maintained, but ensuring that HHS is ultimately part of a larger conversation. Certainly there’s much that needs to be done in private industry.”

Sen. Angus King (I-Maine), one of the cosponsors in the Senate, said in a statement that the bill would “help ensure that health institutions have the resources to keep patient data safe. As the number of threats continues to grow, consistent evaluations will prove to be a lifeline to the medical community treating our family and friends.”

The new bill comes amid the fallout from the Change Healthcare ransomware attack. The February incident forced the company – far and away the top healthcare payments service provider in the United States – to take down its network, roiling U.S. healthcare systems as a result.

More recently, a ransomware attack on a major U.S. health provider earlier this month has forced nurses to work without access to electronic records, CNN reported.

The FBI’s Internet Crime Complaint Center reports that the healthcare sector is the top target for ransomware attacks.

Spanberger said lawmakers want to ensure HHS “is equipped with the most up to date mitigation and response strategies, particularly as we see the health care sector continues to be such a prime target.”

“Ensuring that we are putting the inspector general in a place to evaluate whether current systems could be compromised or could expose patient data or could be strengthened, I think is an important step forward,” she said.

Meanwhile, HHS officials say they want to make the Administration for Strategic Preparedness and Response (ASPR) the department’s “one-stop shop” for healthcare cybersecurity going forward. The Biden administration is requesting a $12 million increase in funding for ASPR in fiscal 2025 to increase its cybersecurity work with the health sector.

“A one-stop shop will enhance coordination within HHS and the federal government, deepen government’s partnership with industry, increase HHS’s incident response capabilities, and promote greater uptake of government services and resources such as technical assistance, vulnerability scanning, and more,” a December HHS white paper states. “ASPR has the response expertise and capabilities appropriate for helping the sector navigate and access the array of cybersecurity supports available from HHS and across the federal government.”

Recent Posts


Sep 9, 2024
Uncategorized

Spanberger Urges Amazon, eBay, Facebook Marketplace to Crack Down on the Resale of Stolen Goods, Backs Bill to Address Supply Chain Theft

The Average American Family Will Pay More Than $500 Annually in Additional Costs Due to Increased Prices Caused by Organized Retail Crime WASHINGTON, D.C. — U.S. Representative Abigail Spanberger today pressed online retailers — including Amazon, eBay, and Facebook Marketplace — for information on their efforts to curb the resale of stolen goods. Consumers, communities, and businesses bear […]



Sep 5, 2024
Veterans' Issues

Spanberger Presents Widow of Virginia Vietnam War Veteran Sergeant Michael R. Spears with Bronze Star & Decorations He Earned for His Service

The Congresswoman’s Office Worked with the U.S. Department of Defense to Secure the Military Decorations Sergeant Spears Earned During His Service DALE CITY, Va. — U.S. Representative Abigail Spanberger yesterday presented the widow of Retired U.S. Army Sergeant First Class Michael R. Spears — a Madison County resident and longtime member of VFW Post 1503 in […]



Sep 4, 2024
Economy & Jobs

Spanberger Hosts Workforce Training Summit with Virginia Business, Economic Development, & Education Partners

Spanberger was Joined by Speakers From Local Chambers of Commerce, Colleges & School Divisions that Serve Students in Virginia’s Seventh District, & Economic Development Agencies WOODBRIDGE, Va. — U.S. Representative Abigail Spanberger today hosted her 2024 Workforce Training Summit to bring together Virginia business owners, employers, and economic development, education, and industry leaders. Spanberger and panelists […]