HSCC Urges Biden to Provide Funding to Bolster Cybersecurity Posture of the Healthcare Sector

The Healthcare and Public Health Sector Coordinating Council (HSCC) has urged President Biden to provide further funding and support to improve the cybersecurity posture of the healthcare sector to improve resilience to cyberattacks.

In a recent letter addressed to President Biden and copied to Senate and House party leaders, the HSCC called for more funds to help the healthcare sector deal with cyber threats, improved collaboration between the healthcare industry and government, and for the government to provide a roadmap for making improvements to the cybersecurity readiness of the healthcare sector.

Under the American Rescue Plan, the government has made funding available to modernize federal information technology systems to improve resilience against future cyberattacks. $9 billion will be invested to help the U.S. launch major new IT and cybersecurity shared services at the Cyber Security and Information Security Agency (CISA) and the General Services Administration, and $690 million has been made available to CISA to bolster cybersecurity across federal civilian networks; however, none of that funding has been made available to directly help the healthcare sector, even though the healthcare sector has been heavily targeted by cyber actors prior to and during the pandemic.

According the HSCC, the healthcare sector is currently stretched to its limits to meet its clinical and public health obligations. The healthcare industry has faced relentless cybersecurity threats that have grown in magnitude and complexity year after year, and the situation has become far worse during the pandemic. Those threats, including ransomware, have targeted the technology integral to patient care.

Cyberattacks such as the ransomware attack on Colonial Pipeline threaten national security, but these attacks are also placing patient safety at risk. The attacks can result in denial of service, corruption of data on medical devices, and data manipulation that can have a direct implication for clinical operations, patient care, and public health.

“In assessing how the American Rescue Plan, coupled with the recently released Executive Order on Improving the Nation’s Cybersecurity, can measurably strengthen the security and resiliency of the healthcare system and patient safety, we request an enhanced strategic planning process within the administration that will complement the ongoing cybersecurity partnership between the HSCC, the Department of Health and Human Services and other essential government partners,” said HSCC in the letter. “As you lead the nation out of the pandemic, put more Americans back to work and increase their access to health insurance, the ability of the healthcare sector to deter cyber threats is imperative for the nation to maintain public health and global competitiveness beyond the pandemic.”

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.