Senate bill eyes minimum cybersecurity standards for health care industry | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/minimum-cybersecurity-standards-health-care-wyden-warner-bill\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Senate bill eyes minimum cybersecurity standards for health care industry\"> <meta property=\"og:description\" content=\"The legislation from Sens. Wyden and Warner comes in the aftermath of the February ransomware attack on Change Healthcare.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/minimum-cybersecurity-standards-health-care-wyden-warner-bill\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-09-26T18:50:34+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg\"> <meta property=\"og:image:width\" content=\"1024\"> <meta property=\"og:image:height\" content=\"647\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"mbracken\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1725982252g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1726846296g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1727276187g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81928\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81928\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fminimum-cybersecurity-standards-health-care-wyden-warner-bill%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fminimum-cybersecurity-standards-health-care-wyden-warner-bill%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81928 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/minimum-cybersecurity-standards-health-care-wyden-warner-bill\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.952380952381\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2024 CyberScoop 50 awards! <\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/vote\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.291058394161\">\n<div class=\"single-article__header-content\" readability=\"29.632653061224\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> The legislation from Sens. Wyden and Warner comes in the aftermath of the February ransomware attack on Change Healthcare. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"404\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry.jpg?resize=640%2C404&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg?resize=300,190 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg?resize=768,485 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg?resize=600,379 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg?resize=266,168 266w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-4.jpg?resize=533,337 533w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><figcaption> Sens. Ron Wyden, D-Ore., and Mark Warner, D-Va., talk before a Senate Armed Services Committee hearing in Washington, D.C. on Jan. 10, 2017. Wyden and Warner introduced a bill to require minimum cybersecurity standards in the health care sector on Sept. 26, 2024. (TASOS KATOPODIS\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"44.581439738229\"><body readability=\"90.232629012597\"><\/p>\n<p>Nearly five months after his <a href=\"https:\/\/cyberscoop.com\/change-healthcare-attack-stolen-data-ransom-andrew-witty-unitedhealth\/\">high-profile grilling<\/a> of UnitedHealth Group\u2019s chief executive following the devastating ransomware attack on Change Healthcare, Senate Finance Committee Chairman Ron Wyden introduced a bill Thursday aimed at preventing future cyber incidents capable of roiling the health care industry.<\/p>\n<p>The <a href=\"https:\/\/www.finance.senate.gov\/imo\/media\/doc\/health_infrastructure_security_and_accountability_act_leg_text.pdf\">Health Infrastructure Security and Accountability Act<\/a> from Wyden, an Oregon Democrat, and Senate Intelligence Committee Chairman Mark Warner, D-Va., would lock in mandatory minimum cybersecurity standards for providers, health plans and connected entities.<\/p>\n<p>Change Healthcare was vulnerable to the February attack because it did not have multi-factor authentication enabled on a server, allowing the hackers to gain remote access to the UnitedHealth-owned payment processor\u2019s systems with a set of stolen credentials. UHG\u2019s chief information security officer said this month that the company was <a href=\"https:\/\/cyberscoop.com\/unitedhealth-group-steven-martin-ciso-ransomware-attack-recovery\/\">forced to \u201cstart over\u201d with its systems<\/a> and is still feeling the effects of the attack.<\/p>\n<p>\u201cMegacorporations like UnitedHealth are flunking Cybersecurity 101, and American families are suffering as a result,\u201d Wyden said in a statement. \u201cThe health care industry has some of the worst cybersecurity practices in the nation despite its critical importance to Americans\u2019 well-being and privacy. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThese common sense reforms,\u201d Wyden continued, would \u201cinclude jail time for CEOs that lie to the government about their cybersecurity\u201d and \u201cwill set a course to beef up cybersecurity among health care companies across the nation and stem the tide of cyberattacks that threaten to cripple the American health care system.\u201d <\/p>\n<p>UnitedHealth CEO Andrew Witty said during the May Senate hearing that Change Healthcare, which the company acquired in October 2022, was in dire need of modernization and this particular server had not yet undergone the shift to MFA. The result was the exposure of \u201c<a href=\"https:\/\/cyberscoop.com\/stolen-change-healthcare-data-could-contain-information-on-a-substantial-portion-of-americans\/\">a substantial portion<\/a>\u201d of Americans\u2019 health data and massive, industry-wide issues \u2014 including problems with claim submissions, payments and the verification of patient eligibility \u2014 that <a href=\"https:\/\/www.ama-assn.org\/practice-management\/sustainability\/change-healthcare-cyberattack\">continue to this day<\/a>.<\/p>\n<p>Stronger protections for health care data is a key component of the new bill, which would require the Department of Health and Human Services to \u201c<a href=\"https:\/\/www.finance.senate.gov\/imo\/media\/doc\/health_infrastructure_security_and_accountability_act_one-pager.pdf\">proactively audit the data security practices of at least 20 regulated entities each year<\/a>,\u201d focusing specifically on health systems deemed to be systemically important.<\/p>\n<p>\u201cCyberattacks on our health care institutions threaten patients\u2019 most private data and delay essential medical care, directly endangering Americans\u2019 lives and long term health,\u201d Warner said in a statement. \u201cWith hacks already targeting institutions across the country, it\u2019s time to go beyond voluntary standards and ensure health care providers and vendors get serious about cybersecurity and patient safety.\u201d<\/p>\n<p>Warner also noted in his statement the portion of the bill intended to narrow the cyber gap between the industry\u2019s haves and have-nots. Rural and urban safety net hospitals would receive $800 million in up-front investment payments to ensure adoption of strengthened cybersecurity standards, while $500 million would be ticketed for all other hospitals. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In addition to its new audit duties called out in the bill, HHS would be able to levy larger financial penalties on health care companies with lax cyber practices thanks to the elimination of statutory caps on the agency\u2019s fining authorities. And HHS would have discretion to waive annual independent cyber stress tests for small providers that would otherwise be required of covered entities and business associates.<\/p>\n<p>\u201cCybersecurity remains an ever-evolving challenge in our health care ecosystem and more must be done to prevent cyberattacks and ensure patient safety,\u201d HHS Deputy Secretary Andrea Palm said in a statement. \u201cClear accountability measures and mandatory cybersecurity requirements for all organizations that hold sensitive data are essential. We are grateful for Senator Wyden and Senator Warner\u2019s leadership and look forward to continuing to work together on this legislation to strengthen cyber resiliency across our entire health care ecosystem.\u201d<\/p>\n<p>The bill also seeks to hold health care executives more responsible for cybersecurity failures, requiring those leaders to certify their institutions\u2019 compliance with the new minimum standards on a yearly basis. <\/p>\n<p>In the May Senate hearing, in which Witty confirmed UnitedHealth\u2019s $22 million ransom payment to the ALPHV hacking group, Wyden closed with his concerns about the attack setting a precedent \u201cto the bad guys of what they can accomplish,\u201d underscoring the need for legislative action and more industry transparency.<\/p>\n<p>\u201cYou\u2019re going to have to be much more active and much more forthcoming,\u201d he said, \u201cif we\u2019re going to turn this around.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"4.2128027681661\">\n<div class=\"author-card\" readability=\"15\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.jpg?w=640&ssl=1\" alt=\"Matt Bracken\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Bracken<\/h4>\n<p> Matt Bracken is the managing editor of FedScoop and CyberScoop, overseeing coverage of federal government technology policy and cybersecurity. Before joining Scoop News Group in 2023, Matt was a senior editor at Morning Consult, leading data-driven coverage of tech, finance, health and energy. He previously worked in various editorial roles at The Baltimore Sun and the Arizona Daily Star. You can reach him at matt.bracken@scoopnewsgroup.com. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"21.403846153846\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/house-bill-cyber-health-care-data\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"505\" height=\"337\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-2.jpg?resize=505%2C337&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-5.jpg?resize=1012,675 1012w\" sizes=\"auto, (max-width: 505px) 100vw, 505px\"> <\/a><figcaption class=\"screen-reader-text\"> Rep. Jason Crow, D-Colo., speaks at a news conference at the U.S. Capitol Visitors Center on May 25, 2023 in Washington, D.C. (Photo by Chip Somodevilla\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"1.9340101522843\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/house-bill-cyber-health-care-data\/\"> Senate bill to protect health care data gets House partner <\/a> <\/h3>\n<p> The Healthcare Cybersecurity Act calls on CISA and HHS to collaborate on defending health facilities from cyber incidents. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/senate-homeland-security-streamlining-cyber-regulations-bills\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"300\" height=\"166\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry.png?resize=300%2C166&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png 2750w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=300,166 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=768,424 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=1024,565 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=1536,848 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=2048,1130 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=600,331 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=1200,662 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-1.png?resize=1500,828 1500w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\"> <\/a><figcaption class=\"screen-reader-text\"> Sen. Gary Peters, D-Mich., holds a Senate Homeland Security and Governmental Affairs business meeting on July 31, 2024, in Washington, D.C. (Screenshot) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/senate-homeland-security-streamlining-cyber-regulations-bills\/\"> Cyber bills on federal regs, health security and workforce clear Senate panel <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/rural-hospital-ransomware-cyber\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"291\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-3.jpg?resize=291%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=300,173 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=768,444 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=1024,592 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=1536,888 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=600,347 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=291,168 291w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=583,337 583w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=1168,675 1168w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry-6.jpg?resize=1458,843 1458w\" sizes=\"auto, (max-width: 291px) 100vw, 291px\"> <\/a><figcaption class=\"screen-reader-text\"> A broken piggy bank with a stethoscope. (Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/rural-hospital-ransomware-cyber\/\"> Rural hospitals are particularly vulnerable to ransomware, report finds <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/cvasquez\/\"> Christian Vasquez <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/minimum-cybersecurity-standards-health-care-wyden-warner-bill\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Senate bill eyes minimum cybersecurity standards for health care industry<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1603,78,1436,459,1604],"tags":[1605,86,1439,461,1606],"class_list":["post-5497","post","type-post","status-publish","format-standard","hentry","category-change-healthcare","category-cybersecurity","category-department-of-health-and-human-services-hhs","category-health-care","category-unitedhealth-group","tag-change-healthcare","tag-cybersecurity","tag-department-of-health-and-human-services-hhs","tag-health-care","tag-unitedhealth-group"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/change-healthcare\/\" rel=\"category tag\">Change Healthcare<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-health-and-human-services-hhs\/\" rel=\"category tag\">Department of Health and Human Services (HHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/health-care\/\" rel=\"category tag\">health care<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unitedhealth-group\/\" rel=\"category tag\">UnitedHealth Group<\/a>","tag_info":"UnitedHealth Group","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5497"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5497\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":5497,"date":"2024-09-26T13:50:34","date_gmt":"2024-09-26T18:50:34","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81928"},"modified":"2024-09-26T13:50:34","modified_gmt":"2024-09-26T18:50:34","slug":"senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/09\/26\/senate-bill-eyes-minimum-cybersecurity-standards-for-health-care-industry\/","title":{"rendered":"Senate bill eyes minimum cybersecurity standards for health care industry"},"content":{"rendered":"