U.S. Sen. Bill Cassidy (R-LA) on Nov. 21 led bipartisan legislation that would require the U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) to coordinate on improving cybersecurity in the nation’s healthcare and public health sectors.
“Cyberattacks on our healthcare sector not only put patients’ sensitive health data at risk but can delay life-saving care,” Sen. Cassidy said. “This bipartisan legislation ensures health institutions can safeguard Americans’ health data against increasing cyber threats.”
Sen. Cassidy sponsored the Health Care Cybersecurity and Resiliency Act of 2024, S. 5390, alongside three original cosponsors, including U.S. Sen. Maggie Hassan (D-NH), as part of the senators’ bipartisan Healthcare Cybersecurity Working Group launched last year.
“Our bipartisan working group came together to develop this legislation based on the most pressing needs for medical providers and patients, and I urge my colleagues to support it,” said Sen. Hassan.
If enacted, S. 5390 also would provide grants to health entities to improve cyberattack prevention and response, and provide training to health entities on cybersecurity best practices, according to a bill summary provided by the lawmakers.
Additionally, the measure would provide best practices to rural health clinics and other providers on cybersecurity breach prevention, resilience, and coordination with federal agencies.
S. 5390 also would modernize current regulations so entities covered under the Health Insurance Portability and Accountability Act use the best cybersecurity practices, and would require the HHS Secretary to develop and implement a cybersecurity incident response plan, among other provisions, the summary says.