Healthcare Cybersecurity Act of 2022: What to Know

Healthcare, Healthcare Advisory Services, Cyber and Information Security Services

On March 23, 2022, lawmakers introduced a new bill, the Healthcare Cybersecurity Act of 2022, which would direct the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to collaborate on how to improve cybersecurity measures across hospitals and healthcare networks operating in the healthcare and public health sector.

This new bill comes following a warning from the White House that there is an increased risk of cyber threats to American companies from Russia due to the war in Ukraine.

There are three main components to the bill:

  • Require the CISA and HHS to collaborate on improving cybersecurity in the healthcare sector
  • Authorize cybersecurity training for healthcare organizations and ways to mitigate risks to sector information systems
  • Require the CISA to conduct a detailed study on specific cybersecurity risks facing the healthcare industry

Healthcare facilities hold a significant amount of personally identifiable information, making them a target for these attacks. This bill is a good start in the critical improvements needed to increase the healthcare sector’s strength against cyber attacks.

Findings

  • Data reported to the Department shows that almost every month in 2020, more than 1,000,000 people were affected by data breaches at healthcare organizations. Cyberattacks on healthcare facilities rose 55% in 2020, and these attacks also resulted in a 16% increase in the average cost of recovering a patient record in 2020 compared to 2019.
  • According to data from the Office for Civil Rights of the Department, health information breaches have increased since 2016. In 2020 alone, the Department reported 663 breaches on covered entities, as defined under the Health Insurance Portability and Accountability Act of 1996 (Public Law 104–191), affecting more than 500 people, with over 33,000,000 total people affected by health information breaches.

Author: Stephanie Maresca, CPA | [email protected] and Jason Spezzano, Executive Cybersecurity Advisor | [email protected]

Cyber and Information Security Services

Contact Us

Contact us for a complimentary consultation to help you independently assess where you stand regarding cyber vulnerability. 

Schedule a Consultation
Read More
image of stethoscope and line graph

Healthcare

Quality patient care is what truly matters in today’s ever-changing healthcare society. But, sometimes that focus becomes clouded when you’re struggling to deliver that same level of patient care while […]

Learn More
Image of doctor working on a tablet.

Healthcare Advisory Services

In today’s demanding healthcare environment of continuous margin pressure, capital constraints and payer related issues to name just a few, Withum offers a wealth of expertise and resources designed to […]

Learn More
Photo of a lock.

Cyber and Information Security Services

Cybersecurity: Businesses Need the Right Protection Our Cyber threats continue to grow at an exponential rate. Additionally, the constantly changing technical landscape, including the introduction of disruptive technologies such as […]

Learn More