WASHINGTON, D.C. – U.S. Senator Gary Peters (D-MI), Chairman of the Homeland Security and Governmental Affairs Committee, convened a hearing to examine cybersecurity threats facing the healthcare sector and how the federal government and health care providers are working to prevent breaches. Peters and the witnesses highlighted the severity of the threat and discussed how cyber-attacks against the healthcare sector can affect patient care and compromise sensitive medical information. The hearing emphasized the need to implement Peters’ landmark law requiring critical infrastructure, including the healthcare sector, to report cyber-attacks and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA). Lawmakers also discussed what other actions Congress can take to strengthen cybersecurity for the healthcare sector.
“Cyber-attacks on hospitals, and other health care providers, can cause serious disruptions to their operations, and prevent them from effectively providing critical, lifesaving care to their patients. Breaches can also lead to the exposure of sensitive personal and medical information of patients and health care personnel,” said Peters during his opening statement. “These relentless cyber-attacks show that foreign adversaries and cybercriminals will stop at nothing to exploit cybersecurity vulnerabilities our critical infrastructure and most essential systems.”
To watch video of Senator Peters’ opening remarks, click here. For text of Peters’ opening remarks, click here.
To watch video of Senator Peters’ questions, click here.
The healthcare sector continues to face a significant increase in cybersecurity threats. For example, recent reports have shown ransomware attacks on American hospitals have doubled since 2016. These attacks have adversely impacted patient safety and care, as well as compromised the sensitive medical information of tens of millions of people. During the hearing, Peters highlighted how his law requiring critical infrastructure, including the healthcare sector, to report cyber-attacks and ransomware attacks to CISA will ensure the federal government has the tools and resources needed to help reduce the impact of these breaches and address network vulnerabilities. The witnesses also discussed unique cybersecurity challenges facing the healthcare sector and shed light on the impact that ransomware attacks can have on patient care. Peters asked the witnesses how small and rural hospitals – which often have limited financial resources – can invest in cybersecurity while also improving patient care. Finally, the hearing discussed how CISA and the Department of Health and Human Services can take additional actions to support the healthcare sector as they continue to face persistent and evolving cybersecurity threats.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to strengthen our nation’s cybersecurity. In addition to his historic incident reporting law, Peters’ bipartisan bill to enhance cybersecurity assistance to K-12 schools across the country was signed into law in 2021. Peters’ bipartisan bills to bolster cybersecurity for state and local governments, strengthen the federal cybersecurity workforce, and help secure federal information technology supply chains were also signed into law last Congress. The Chairman secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious cyber-attack recover quickly. Peters also released an investigative report on the role cryptocurrencies continue to play in emboldening and incentivizing cybercriminals to commit ransomware attacks that pose an increasing national security threat.
###