Lawmakers Move to Protect Healthcare Infrastructure from Potential Russian Threat

Amid increased concerns over a potential Russian state-sponsored cyber attack on U.S. systems, two senators introduced a new bill to specifically protect the healthcare industry. 

The Healthcare Cybersecurity Act, sponsored by Sens. Jack Rosen, D-Nev., and Bill Cassidy, R-La., would direct the Cybersecurity and Infrastructure Security Agency to collaborate thoroughly with the Department of Health and Human Services on defending sixteen infrastructure fields designated as “critical.”

“Health centers save lives and hold a lot of sensitive, personal information. This makes them a prime target for cyber-attacks,” said Cassidy. “This bill protects patients’ data and public health by strengthening our resilience to cyber warfare.”

This follows the White House’s recent warning of a high risk of cyberattacks as Russia continues to wage war against Ukraine. The Healthcare Cybersecurity Act works to mitigate this threat by authorizing more cybersecurity education and training to health care industry leaders. 

CISA would also be required to issue a study on cybersecurity risks within the public health care sector, examining which assets are most at risk and if agencies are dealing with cybersecurity workforce shortages. 

“In light of the threat of Russian cyberattacks, we must take proactive steps to enhance the cybersecurity of our healthcare and public health entities,” said Rosen. “Hospitals and health centers are part of our critical infrastructure and increasingly the targets of malicious cyberattacks, which can result in data breaches, the cost of care being driven up and negative patient health outcomes.”

Rosen, alongside Sen. Marsha Blackburn, R-Tenn., recently introduced another piece of legislation around cybersecurity that protects Veterans Affairs systems from malware and other malicious attacks.