{"id":2772,"date":"2024-03-22T14:47:43","date_gmt":"2024-03-22T19:47:43","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=79878"},"modified":"2024-03-22T14:47:43","modified_gmt":"2024-03-22T19:47:43","slug":"top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/03\/22\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack\/","title":{"rendered":"Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v21.7 (Yoast SEO v21.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cybersecurity-minimum-standards-change-healthcare-mark-warner\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack\"> <meta property=\"og:description\" content=\"The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proposals.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cybersecurity-minimum-standards-change-healthcare-mark-warner\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-03-22T19:47:43+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"AJ Vicens\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@AJVicens\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1710875768g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1711039170g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1710430945g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/79878\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=79878\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcybersecurity-minimum-standards-change-healthcare-mark-warner%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcybersecurity-minimum-standards-change-healthcare-mark-warner%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-79878 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cybersecurity-minimum-standards-change-healthcare-mark-warner\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.3125\">\n<div class=\"single-article__header-content\" readability=\"30.343220338983\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proposals. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Sen. Mark Warner, D-Va., delivers remarks during a Rules Committee hearing at the Russell Senate Office Building on Nov. 14, 2023 in Washington, D.C. (Photo by Kevin Dietsch\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"32.346431546793\"><body readability=\"65.723429592141\"><\/p>\n<p>A bill proposed Friday in the Senate would allow health care providers who suffer cyberattacks to qualify for advanced and accelerated payments through government programs so long as they and their vendors met minimum cybersecurity standards.<\/p>\n<p>The <a href=\"https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?ID=AADF3724-148A-4545-BD41-A2735435486F\">legislation<\/a> from Sen. Mark Warner, D-Va., comes a month after the ransomware attack that targeted <a href=\"https:\/\/cyberscoop.com\/tag\/change-healthcare\/\">Change Healthcare<\/a> \u2014 a payment processor whose technology touches 1 in 3 American patient records \u2014 crippled the health industry and the ability for many health care facilities to bill insurance companies and receive payments.<\/p>\n<p>The proposal comes as UnitedHealth Group, the health industry behemoth and Change Healthcare parent company, has come under increasing scrutiny for its handling of the incident, particularly from Congress. UnitedHealth Group CEO Andrew Witty is planning an appearance before the Senate Finance Committee, which counts Warner as a member, to \u201cdiscuss the attack on Change Healthcare and the U.S. health care system,\u201d a company spokesperson told CyberScoop on Friday.<\/p>\n<p>\u201cWe are prioritizing ensuring patient access to care and medications, restoration of our systems, protection of data, and engaging with providers through multiple channels to help raise awareness of our provider relief programs,\u201d the spokesperson said. \u201cWe are also committed to working with Congress and industry leaders to address cybersecurity to ensure the protection and resiliency of our health care system.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Health care industry and cybersecurity experts <a href=\"https:\/\/cyberscoop.com\/health-care-groups-resist-cybersecurity-rules-in-wake-of-landmark-breach\/\">told CyberScoop last week<\/a> that implementing mandatory minimum cybersecurity standards will be difficult, and major groups \u2014 including the American Hospital Association \u2014 have said they would oppose such proposals.<\/p>\n<p>A spokesperson for the American Hospital Association did not immediately respond to a request for comment Friday regarding Warner\u2019s legislation.<\/p>\n<p>Under Warner\u2019s bill, health care providers could be eligible for advanced payments through the Centers for Medicare &amp; Medicaid Services (CMS) if they met so-far undetermined minimum cybersecurity standards established by the secretary of the Department of Health and Human Services. If a provider\u2019s intermediary was the target of the incident, that intermediary would also have to have met those standards, according to the <a href=\"https:\/\/www.warner.senate.gov\/public\/_cache\/files\/9\/1\/912e96f3-6819-42f2-b6bc-11b4ed794889\/A3B1C470B439B26BBC83E6C7FFFFFA34.goe24245.pdf\">legislation<\/a>.<\/p>\n<p>\u201cI\u2019ve been sounding the alarm about cybersecurity in the health care sector for some time,\u201d Warner, co-chair of the Senate Cybersecurity Caucus, said in a statement. \u201cIt was only a matter of time before we saw a major attack that disrupted the ability to care for patients nationwide. The recent hack of Change Healthcare is a reminder that the entire health care industry is vulnerable and needs to step up its game. This legislation would provide some important financial incentives for providers and vendors to do so.\u201d<\/p>\n<p>Sen. Ron Wyden, D-Ore., said during a March 14 hearing that he would also be proposing legislation to establish minimum standards. Wyden, the Senate Finance Committee chair, also said that companies like UnitedHealth Group have become \u201cso large\u201d as to create a \u201csystemic cybersecurity risk,\u201d and that after mandatory rules are in place, \u201cthe next step has got to be fines and accountability for negligent CEOs, which will enable HHS to protect patients and our national security.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.1265560165975\">\n<div class=\"author-card\" readability=\"8\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/top-democrat-proposes-minimum-cybersecurity-standards-in-wake-of-change-healthcare-attack-1.jpg?w=640&#038;ssl=1\" alt=\"AJ Vicens\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by AJ Vicens<\/h4>\n<p> AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal\/WhatsApp: (810-206-9411). <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/cybersecurity-minimum-standards-change-healthcare-mark-warner\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Top Democrat proposes minimum cybersecurity standards in wake of Change<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1603,117,46,1180,1736,1604],"tags":[1605,119,54,1182,1737,1606],"class_list":["post-2772","post","type-post","status-publish","format-standard","hentry","category-change-healthcare","category-government","category-ransomware","category-ron-wyden","category-sen-mark-warner","category-unitedhealth-group","tag-change-healthcare","tag-government","tag-ransomware","tag-ron-wyden","tag-sen-mark-warner","tag-unitedhealth-group"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/change-healthcare\/\" rel=\"category tag\">Change Healthcare<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ron-wyden\/\" rel=\"category tag\">Ron Wyden<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/sen-mark-warner\/\" rel=\"category tag\">Sen. Mark Warner<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unitedhealth-group\/\" rel=\"category tag\">UnitedHealth Group<\/a>","tag_info":"UnitedHealth Group","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2772","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2772"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2772\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2772"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2772"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2772"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}