A bill reintroduced in the House of Representatives on Wednesday would better equip the U.S. Department Health and Human Services’ (HHS) to address cyber threats to the health care system following recent malware attacks like WannaCry and NotPetya.
U.S. Reps. Billy Long (R-PA) and Doris Matsui (D-CA) reintroduced the HHS Cybersecurity Modernization Act, H.R. 4191, following more than a year of committee hearings on health care cybersecurity and the release of a Health Care Industry Cybersecurity Task Force report outlining needed actions.
Under the bill, the HHS secretary would be given new authorities to restructure the department’s cybersecurity personnel. In addition to enhancing internal HHS cybersecurity capabilities, the bill aims to encourage coordination among HHS offices that draft cybersecurity regulations for the larger health care system.
“The cyber threats our nation face are real and growing,” Long said. “My bill works to increase collaboration between HHS and the health care sector to ensure the protection of Americans’ sensitive personal data. Cybersecurity threats are nothing new, but how we respond to them needs to improve and this bill is an important step in strengthening our cybersecurity efforts at HHS and in the health care community.”
Long and Matsui have taken part in more than a year of House Energy and Commerce Committee hearings on health care cybersecurity. Matsui said that data security practices must “keep pace” as technology plays an increasingly important role across the health care system.
“Patients deserve to know that their medical information is safe, and hospitals, manufacturers and insurance companies that handle patient data need guidance to ensure they are following best practices,” Matsui said. “This bill builds on the legislation Congressman Long and I introduced last Congress, further encouraging HHS to implement the appropriate internal infrastructure that will ensure the agency is prepared to lead the health care industry in cybersecurity.”