The Senate approved a key cybersecurity bill Tuesday after several days of debate on the chamber floor, and it awaits reconciliation with an earlier House version of the bill.
Initial response from healthcare organizations was positive, buoyed by increased opportunities to share cyber threat information more broadly.
The Cybersecurity Information Sharing Act would make it easier for the private sector and government to share cyber threat information. The bipartisan legislation failed to advance on the floor several times earlier this year before this latest effort, which kicked off last week.
The legislation provides certain liability protections for companies passing along data about potential attacks. The bill passed the Senate 74-21.
The House passed similar information sharing legislation this past spring. The two chambers are now expected to try and hash out several sticky details in a bicameral conference, including which agency should oversee the information sharing process. Observers have suggested it's unlikely the House will take up the Senate legislation as it stands.
Industry groups praised the Senate's passage of the bill.
The College of Healthcare Information Management Executives (CHIME) and the Association for Executives in Health Information Security (AEHIS) issued a statement welcoming passage of the act.
“CISA will represent a significant advancement in cyber security and better enable the nation's chief information officers (CIO) and chief Information security officers (CISO) to better protect patient health information,” CHIME’s statement said.
CISA will allow CIOs and CISOs to share threats and vulnerabilities through a secure national information-sharing infrastructure with the necessary liability protections in place and will not risk patient trust, CHIME said, indicating that it is a first of many steps that need to be taken to protect healthcare information.
“As an important piece of the nation's critical infrastructure, it is vital that healthcare organizations have the tools and information they need to identify and more effectively defend against growing cyber threats,” the statement said. “CHIME and AEHIS are especially encouraged that the Senate-approved bill includes language that would establish a cyber security framework specifically focused on healthcare and instructs the Department of Health and Human Services to identify a specific leader on cyber preparedness.”
"Federal leadership is critical for ensuring the nation's hospitals and health systems, big and small, urban and rural, are better equipped with the resources they need to secure patient information," said Charles E. Christian, chair of the CHIME board of trustees. “The healthcare sector has become a prime target for bad actors, and it's important that the federal government works in conjunction with the industry to ensure provider organizations understand best practices to protecting patient data.”
Portions of this article appears courtesy of our sister publication, American Banker.
Register or login for access to this item and much more
All Health Data Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access