Congress Introduces Bill to Strengthen Healthcare Cybersecurity

US legislators have introduced a new Healthcare Cybersecurity Bill to Congress, which is designed to expand the federal government’s role in preventing and responding to data breaches of Americans’ medical data.

Congressman Jason Crow (D-CO) introduced the bi-partisan legislation on June 10 as part of efforts to tackle surging healthcare data breaches in the US.

In January 2025, it was reported that 190 million US citizens’ personal and medical data records were impacted by the Change Healthcare ransomware attack in 2024 alone.

The Change Healthcare incident also resulted in significant disruption to patient care.

The Healthcare Cybersecurity Bill would specifically require the Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Health and Human Services (HHS) to collaborate on improving cybersecurity in both the healthcare and public health sectors.

The collaboration efforts include:

  • Facilitating the sharing of cyber threat intelligence between the agency and the department to improve understanding of cyber risks in healthcare
  • CISA to provide training to the owners and operators of healthcare organizations on how to mitigate risks
  • HHS and CISA to create a healthcare sector-specific risk management plan, including evaluating best practices for how the government can support the security of covered technologies, services and utilities before, during and after data breaches
  • Establishing objective criteria for determining high-risk assets in the healthcare sector, and notifying the owners and operators of these assets
  • CISA to submit reports to Congress on the support and activities it has provided to the healthcare and public health sector to proactively prepare to face cyber threats

Congressman Brian Fitzpatrick (R-PA), who joined Crow in introducing the Bill, commented: “This bipartisan bill takes direct, strategic action: empowering CISA and HHS to coordinate real-time threat sharing, expanding cybersecurity training for providers, and establishing a dedicated liaison to bolster response. We’re not just responding to attacks—we’re building the infrastructure to prevent them, protect patient privacy, and defend a vital pillar of our national security.”

In January 2025, the HHS announced plans to update the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, requiring healthcare providers to implement enhanced security measures for individuals’ protected health information (PHI).

This includes providing regulated entities with a specific level of authentication for accessing relevant IT systems and mandating the continuous testing of security measures.
