Rosen, Young, King Introduce Bipartisan Bill to Improve Cybersecurity in Health Care, Public Health

WASHINGTON, DC – Today, U.S. Senators Jacky Rosen (D-NV), Todd Young (R-IN), and Angus King (I-ME) introduced the bipartisan Healthcare Cybersecurity Act to bolster the health care and public health sectors’ cybersecurity in light of recent, devastating cyberattacks. Earlier this year, the health care sector faced a ransomware attack on the health payment platform Change Healthcare, highlighting the lack of preparation and training during the recovery process. This bipartisan bill will direct the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to collaborate on improving cybersecurity and make resources available to non-federal entities relating to cyber threat indicators and appropriate defense measures. It would also create a special liaison to HHS within CISA to coordinate during cybersecurity incidents and collaborate to support health care and public health sector entities.

“The health care industry is still reeling from recent cyberattacks, and rural and small health care entities in Nevada have been particularly affected,” said Senator Rosen. “It’s imperative that we take measures to improve cybersecurity in the health care sector to prevent data breaches and protect Nevadans, which is why I’m introducing this bipartisan legislation. I’ll keep working to strengthen the cybersecurity of this critical sector and keep people safe from malicious actors.”

“In recent years, hospitals and other health care facilities in Indiana and across America have experienced a dramatic increase in cyberattacks,” said Senator Young. “Our bipartisan bill will take critical steps to strengthen cybersecurity infrastructure and better protect patients’ personal data.”

“Healthcare cyberattacks are a growing threat nationwide, and also hit home for Maine, where several major healthcare systems have been compromised in recent years due to cybercrimes,” said Senator King, co-chair of the Cyberspace Solarium Commission. “These attacks and breaches of data can literally mean the difference between life and death for patients, significantly impact hospital operations, and — with the average hack costing millions to address — increase healthcare prices across the board. The bipartisan Healthcare Cybersecurity Act will take important steps toward protecting patients’ data and healthcare provider capabilities, and bolstering our cybersecurity infrastructure and response.”

“The cyberattacks on Change Healthcare this year have caused a severe interruption to Nevada’s Critical Access Hospitals, and we thank Senator Rosen for sponsoring this legislation to help protect our rural hospitals and their patients,” said Blayne Osborn, President of Nevada Rural Hospital Partners.

“Cyber attacks are one of the most pressing concerns for our community health centers, which must direct an increasing share of funds away from patient care towards data security,” said Nancy Bowen, Chief Executive Officer of the Nevada Primary Care Association. “The Nevada Primary Care Association appreciates Senator Rosen for introducing the Healthcare Cybersecurity Act to direct federal resources to help keep our systems safe and our health centers focused on their primary mission of providing excellent care.”

“As Dean of the Kirk Kerkorian School of Medicine at UNLV, we wholeheartedly support Senator Jacky Rosen’s proposed legislation to enhance the cybersecurity of the Healthcare and Public Health Sector,” said Marc Kahn, Dean of the University of Nevada Las Vegas Medical School. “This critical initiative addresses the increasing threats to our healthcare infrastructure, ensuring the protection of sensitive patient data and the integrity of our medical systems. By implementing comprehensive cybersecurity measures, this legislation will not only safeguard our healthcare facilities but also enhance the overall quality of care and patient outcomes. We commend Senator Rosen for her leadership and commitment to strengthening the resilience of our healthcare sector in the face of evolving cyber threats.”

“The Healthcare Cybersecurity Act of 2024 represents a critical step forward in safeguarding our nation’s healthcare infrastructure,” said Chuck Podesta, Chief Information Officer at Renown Health. “By fostering collaboration between key federal agencies and providing targeted resources and training to healthcare organizations, this legislation addresses the escalating threats of cyberattacks that jeopardize patient safety and data security. Enhancing healthcare specific cybersecurity measures is a fundamental component of delivering reliable and secure healthcare to all Nevadans.”

As the first and only former computer programmer to serve in the U.S. Senate, Senator Rosen has led the fight to strengthen the United States’ cybersecurity. Following the major cyberattack on Change Healthcare earlier this year, Rosen called on the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency to put forth a plan to help health care systems respond to this incident and to prevent attacks like this in the future. She has introduced bipartisan bills to bolster the cybersecurity of medical devices and records from the Department of Veterans’ Affairs, both of  which were signed into law.