Share this
Critical Insight Data Helps Shape Senator Warner’s “Cybersecurity is Patient Safety” Policy Document
by Critical Insight on November 15, 2022
Healthcare providers and associated administrative businesses have endured a cyberattack onslaught over the past few years. Federal agencies, Congress, State and Local Governments have recognized the risks and have issued regulations and funding to address cybersecurity gaps in the sector. Many think that more needs to be done at the national level. Senator Mark Warner, a longtime champion for taking a robust approach to cyber defense, recently issued a policy discussion white paper titled Cybersecurity is Patient Safety: Policy Options in The Health Care Sector (ref 1).
Many healthcare providers struggle to defend their IT and connected healthcare systems from cyberattacks. News reports of attacks that target hospitals, medical insurance providers, pharmacies, and other vital components of the healthcare delivery sector are common. A ransomware attack that disrupted many sites operated by CommonSpirit is still having an impact over a month after the first effects were felt (ref 2).
Critical Insight's H2 2021 Healthcare Data Breach Report (ref 3) is cited in Senator Warner's white paper to support the need to bolster protections across the healthcare cybersecurity sector. Alongside other prominent organizations that provide cybersecurity and healthcare sector data and insights.
What the White Paper Covers
Senator Warner's policy paper aims to spark a national conversation on how we can boost our cyber defenses to protect us all from the scourge of cybercriminals targeting our healthcare systems. The policy document outlines proposals in three broad areas:
Improving Federal Leadership and Our National Risk Posture - The first section outlines the complexity of the current Health Care Cybersecurity Ecosystem across Government and industry. It then discusses how healthcare cybersecurity legislation and governance are currently structured, along with questions and proposed changes to generate feedback on the proposals designed to make the healthcare cybersecurity landscape safer.
Improving Health Care Providers’ Cybersecurity Capabilities through Incentives and Requirements - This section makes the case that protecting patient data from cybercriminals should be seen as critical to patient health and safety as air quality and infection control. Medical safety controls get delivered via regulations that healthcare providers must implement. The white paper makes the case that Congress should extend the basic regulations covering medical best practices to include some minimum cybersecurity hygiene practices.
Recovery from Cyberattacks - The third section of the white paper highlights how long cyberattackers typically have access to IT systems before they get discovered and the impacts this has. It then outlines some suggested mitigating measures plus questions to encourage comment and feedback.
The white paper concludes with a call to action, inviting interested parties to send feedback and suggestions specific to the content and questions outlined, or additional ideas or language for inclusion in eventual legislation, to Senator Warner's office. Everyone with an interest in this area should download, read, and comment back to the Senator's office.
Protect Your Healthcare IT with Critical Insight
Delivering cybersecurity services to protect critical infrastructure and IT systems in organizations such as healthcare providers is why Critical Insight exists. We have decades of experience in our team across the health sector, local government, state government, and private sector critical infrastructure providers. We can provide cybersecurity services and assistance to healthcare providers that cover all their cybersecurity eventualities. Use the form below to contact us to discuss protecting your patients from cyber criminals.
References
1. Office of Sen. Mark R. Warner: Cybersecurity is Patient Safety: Policy Options in The Health Care Sector. Available as a PDF download from
2. SC Media: Ransomware attack impacted some CommonSpirit sites, but few details released. Available from
3. Critical Insight: Critical Insight Finds 35 Percent Increase in Attacks on Health Plans in 2021 End of Year Healthcare Data Breach Report. Press Release at https://www.criticalinsight.com/resources/news/article/critical-insight-finds-35-percent-increase-in-attacks-on-health-plans-in-2021-end-of-year-healthcare-data-breach-report
Share this
- Recent
- December 2023 (1)
- August 2023 (1)
- July 2023 (2)
- June 2023 (1)
- March 2023 (1)
- January 2023 (1)
- November 2022 (1)
- October 2022 (1)
- August 2022 (1)
- July 2022 (1)
- June 2022 (1)
- March 2022 (1)
- January 2022 (1)
- August 2021 (1)
- July 2021 (2)
- June 2021 (2)
- May 2021 (1)
- April 2021 (2)
- January 2021 (1)
- November 2020 (2)
- October 2020 (1)
- September 2020 (2)
- August 2020 (2)
- July 2020 (1)
- June 2020 (3)
- March 2020 (2)
- January 2020 (1)
- November 2019 (2)
- July 2019 (1)
- June 2019 (2)
- May 2019 (1)
- April 2019 (1)
- February 2019 (1)
- January 2019 (1)
- October 2018 (2)
- June 2018 (3)
- May 2018 (1)
- January 2018 (1)
- December 2017 (1)
- April 2017 (1)