On November 1, 2017, House Energy and Commerce Committee members Representatives Doris Matsui (D-CA) and Billy Long (R-Mo) reintroduced the “HHS Cybersecurity Modernization Act” (H.R. 4191) www.congress.gov to address cyber threats to HHS www.hhs.gov.
Since the last Congress, the Energy and Commerce Committee have held hearings to examine healthcare cybersecurity efforts. Also, the Health Care Industry Cybersecurity Task Force has released a report detailing actions that should be taken to deal with cybersecurity.
The bill just reintroduced would support efforts at HHS and give the Secretary of HHS the authority to reorganize their cybersecurity personnel and would require HHS to develop and submit a plan.
This plan would require:
- Internal coordination between HHS offices that have regulatory authority related to healthcare cybersecurity and would require these offices to coordinate their efforts in order to provide a “whole-of-department” response to cyber challenges
- HHS to secure their own internal information systems and provide guidance, information, education, training, and assistance to the healthcare sector
Go to https://www.phe.gov/Preparedness/planning/CyberTF/Documents/report-2017.pdf for the report published June 2017 by the Cyber Task Force titled “Report on Improving Cybersecurity in the Healthcare Industry.”