During a House Energy and Commerce Subcommittee on Health hearing on April 16, experts from the American Hospital Association (AHA), the Healthcare Sector Coordinating Council, CrowdStrike, the College of Healthcare Information Management Executives, and the Texas Spine Center discussed the importance of cybersecurity measures to protect the health care sector and ensure patient care continuity.
John Riggi, AHA’s national advisor for cybersecurity and risk, emphasized the need for a strong offensive cyber strategy to protect hospitals, health systems, and patients from cyber threats that can impact public health and safety. He called on Congress to address the issues stemming from the Change Healthcare cyberattack, such as ensuring providers can resume services, process claims, reconcile payments, and access financial support to cover costs incurred as a result of the attack.
Greg Garcia from the Healthcare Sector Coordinating Council urged Congress to prioritize addressing cybersecurity vulnerabilities in healthcare organizations across all sectors. Robert Sheldon from CrowdStrike highlighted the importance of implementing robust endpoint protection measures to prevent malware attacks that target patient data. Scott MacLean from the College of Healthcare Information Management Executives discussed how healthcare organizations must prioritize implementing secure software solutions to safeguard sensitive patient information. Dr. Adam Bruggeman from the Texas Spine Center emphasized how any cyberattack that disrupts patient care poses a risk to patient safety beyond economic implications.
In conclusion, experts at this hearing urged Congress to prioritize addressing healthcare cybersecurity vulnerabilities by implementing robust measures such as offensive strategies, endpoint protection measures, secure software solutions and safeguarding sensitive information. The focus should be on protecting not only hospitals but also all healthcare organizations across all sectors to ensure patient care continuity while minimizing risks posed by cyberattacks.
