Question: Several times a week, I see a news story about another healthcare data breach. Has the government issued cybersecurity legislation that could help prevent attacks on healthcare organizations? Arizona Subscriber Answer: On Feb. 9, 2024, senators Angus King (I-ME) and Marco Rubio (R-FL) introduced the Strengthening Cybersecurity in Health Care Act. The proposed legislation aims to shield healthcare systems in the United States from hackers and other malicious cybersecurity threat actors.
If passed as proposed, the legislation would force the Department of Health and Human Services (HHS) to perform regular cybersecurity systems evaluations. HHS would also be required to produce biannual reports on the agency’s current practices, as well as their development on the “future safety procedures they are working to implement,” indicates a statement on the legislation. According to the HHS Office for Civil Rights (OCR) data breach portal, approximately 122 million people were victims of a health data breach in 2023. “The bipartisan Strengthening Cybersecurity in Health Care Act would help ensure that health institutions have the resources to keep patient data safe. As the number of threats continues to grow, consistent evaluations will prove to be a lifeline to the medical community treating our family and friends,” Senator King said in a statement.