Walden demands Congressional action against healthcare cyber attacks

June 8, 2024

TLDR:

– Former acting National Cyber Director Kemba Walden emphasizes the need for Congressional action to codify cybersecurity requirements for the healthcare industry.
– Walden highlights the vulnerabilities in the healthcare industry, especially in the context of mergers and acquisitions.

Full Article:

Former acting National Cyber Director Kemba Walden has called for Congressional action to enact legislation that would establish cybersecurity requirements for the healthcare industry. This comes in the wake of the Change Healthcare ransomware attack that disrupted the largest healthcare payment system in the country earlier this year. Walden stressed the importance of codifying the voluntary cybersecurity standards published by the Department of Health and Human Services (HHS) at the end of 2023, making them mandatory for all healthcare systems.

Walden also highlighted the vulnerabilities present in the healthcare industry, particularly in the context of mergers and acquisitions. She pointed out that larger healthcare companies engaging in digital services should be treated as tech companies, responsible for protecting patient data and ensuring access to healthcare services. Walden emphasized the need for the federal government to support healthcare companies in becoming proficient in cybersecurity practices, especially in rural areas.

In a letter to HHS Secretary Xavier Becerra, Senate Finance Committee Chair Ron Wyden underscored the urgency of mandating systemically important healthcare companies to enhance their cybersecurity practices. Wyden criticized HHS’ current approach of self-regulation and voluntary best practices as inadequate and as leaving the healthcare system vulnerable to cyberattacks.

Overall, Walden’s call for Congressional action and Wyden’s letter to HHS highlight the pressing need for increased cybersecurity measures in the healthcare industry to protect against disruptive cyberattacks and safeguard patient data.
