A Bipartisan Effort to Focus on Healthcare Cybersecurity
Thursday, November 16, 2017
Healthcare, Cybersecurity, House Energy and Commerce Committee, HHS Cybersecurity Modernization Act
Print Mail Download i

House Energy and Commerce Committee members Reps. Billy Long (R-Mo.) and Doris Matsui (D-Calif.) introduced the HHS Cybersecurity Modernization Act earlier this month in a bipartisan effort to address cybersecurity threats to the Department of Health and Human Services (HHS).  Representatives Long and Matsui have both described the bill, H.R. 4191, as a stepping-stone towards improving cybersecurity at HHS and the health care industry at large. However, the bill does not authorize any additional appropriations to do so.

The proposal would amend Title II of the Public Health Service Act by adding a section that:

  1. Authorizes the Secretary of HHS to designate an officer with the primary responsibility of overlooking HHS information security programs, including cybersecurity, and who will report directly to either the Secretary or his or her designee. As a reminder, earlier this year, the Healthcare Cybersecurity Task Force, a working group created under Section 405 of the Cybersecurity Act of 2015, recommended such a leadership position to supervise and oversee industry efforts. (For additional information, read our team’s insights on the task force’s report  and the big take-aways for the health care industry.)

  2. Provides the Secretary the authority to transfer, and in effect consolidate, the function and role of the HHS Chief Information Security Officer with the new officer position.

  3. Directs the Secretary of HHS to develop and submit a plan to the House Committee on Energy and Commerce and the Senate Committee on Health, Education, Labor, and Pensions on how HHS will prepare for and respond to cybersecurity threats. The plan must:

  • Describe how HHS and its agencies will coordinate to maintain the security and integrity of their respective information systems, and how they will provide regulation, guidance, information, education, training and assistance to the health care industry, and any anticipated challenges in doing so.

  • Differentiate between HHS’s role in regulating the health care industry and its role as a coordinator, namely the Sector-Specific Agency, for the health care industry.

The bill’s introduction came on the heels of the departure of Deven McGraw, deputy director for health information privacy for HHS’s Office for Civil Rights (HHS-OCR).  Illiana Peters is currently the acting deputy director for health information privacy at HHS-OCR.  Peters’ appointment combined with the push to improve health care cybersecurity under H.R. 4191 indicates a great likelihood that HHS-OCR is zeroing in on health care cybersecurity.

© 2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved.

Current Legal Analysis

More from Faegre Drinker

SCOTUS Denies Certiorari in Cases Concerning FCA Liability Requirement, Objective Falsity Circuit Split Remains Intact
by: Commercial Litigation Practice Group
Groundbreaking Fourth Circuit Decision Upholds Private Plaintiff’s Successful Effort to Unwind a Consummated Merger
by: Kathy L. Osborn , Emily E. Chow
Travel Bans and Quarantine Hotels: Traveling to the U.K. During COVID-19
by: Hodon Anastasi
TCPA Plaintiff Argues he wasn’t Injured in Attempt to Dodge Federal Jurisdiction
by: Marsha J. Indych , Renée M. Dudek
Silver Lining: COVID-19 Engagements Allow More Time for Premarital Financial Planning
by: Jaime A. Quick
Biden EPA Makes First Moves to Address PFAS in Drinking Water
by: Bonnie Allyn Barnett , Brandon W. Kirkham
Predicting the Enforcement Priorities of the Biden DOJ
by: Thomas J. Kelly , Daniel E. Pulliam
New York City Council Imposes Stricter Discipline Requirements on Fast Food Employers
by: Gerald T. Hathaway
Disclosure of Binding Arbitration Not Required In Consumer Warranties, Says Florida Supreme Court
by: Traci T. McKee , Lexi C. Fuson
FCC Order Causes Confusion Regarding Consent Required for Informational Calls to Residential Landlines
by: Matthew M. Morrissey

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins