Warner seeks guidance on bulking up healthcare cybersecurity

The risk of cyberattacks on the healthcare industry is getting Congressional attention, with a key senator asking for guidance on how to improve security.

Mark Warner (D-Va.), co-chair of the Senate Cybersecurity Caucus, is asking federal agencies and healthcare trade associations for details on measures being taken by the federal government to ameliorate security vulnerabilities in the healthcare industry.

Warner is seeking guidance from the Food and Drug Administration, Department of Health and Human Services, Centers for Medicare and Medicaid Services and the National Institute of Standards and Technology.

Warner-Mark2-CROP
Senator Mark Warner, a Democrat from Virginia, speaks during a Senate Intelligence Committee hearing in Washington, D.C., U.S., on Tuesday, Jan. 29, 2019. North Korea is unlikely to give up its nuclear capabilities, the top U.S. intelligence official said, even as President Donald Trump expresses confidence he can persuade Kim Jong Un to disarm. Photographer: Aaron P. Bernstein/Bloomberg

In addition, he sent letters to 12 healthcare trade associations, including AdvaMed, the American Hospital Association, American Medical Association, the Federation of American Hospitals, America’s Health Insurance Plans, the Healthcare Information and Management Systems Society, the Healthcare Leadership Council, Health Information Sharing and Analysis Center, National Rural Health Association, Med ISAO and the Virginia Hospital and Healthcare Association.

Also See: Study shows growing concern over effectiveness of cyber defense

In the letters, Warner stressed that increased use of information technologies can improve quality of care, expand access to care and reduce costs, but this has made the industry more vulnerable to attacks. “As we welcome the benefits of healthcare technology we must also ensure we are effectively protecting patient information and the essential operations of our healthcare entities,” he notes.

Warner asked for responses to nine questions covering steps being taken to reduce cyberattacks, updated inventory of all connected systems, appropriate patch management programs, efforts to develop in-house cyber technical expertise, changes to laws to improve combating cyberattacks and recommendations for an industrywide plan to improve cybersecurity.

“It is my hope that with thoughtful and carefully considered feedback we can develop a national strategy that improves the safety, resilience and security of our healthcare system,” Warner says.

For reprint and licensing requests for this article, click here.