Ask AI
Bill117th CongressFiled Mar 23, 2022Health
S. 3904

Healthcare Cybersecurity Act of 2022

Bill journey · stage 2 of 5

Under committee review

Filed
Comm.
Floor
Both
Law

What it doesSummary reported to senate (Oct 18, 2022)

Healthcare Cybersecurity Act of 2022

This bill requires the Department of Health and Human Services (HHS) to undertake activities to improve the cybersecurity of the health care and public health sector.

HHS must coordinate with the Cybersecurity and Infrastructure Security Agency (CISA) on these activities; in particular, CISA must make resources, including cyber-threat indicators and appropriate defense measures, available to federal and nonfederal entities that receive information through HHS programs.

In addition, HHS must provide training on cybersecurity risks and mitigation strategies to owners of assets in the health care and public health sector.

HHS must also update the Healthcare and Public Health Sector Specific Plan, which guides the sector's effort to enhance the security and resilience of critical infrastructure. The updates must address, among other topics, the impact of the risks on rural entities and small- and medium-sized entities, cybersecurity workforce shortages in the sector, and challenges related to the COVID-19 emergency.

What just happenedOct 18, 2022

Placed on Senate Legislative Calendar under General Orders. Calendar No. 527.

Who’s behind it

Sen. Rosen, Jacky [D-NV](D-NV)Sponsor
6 cosponsors3 D2 R1 I
Read on Congress.gov
6cosponsors1committees6actions1related bills14subjects
  1. Oct 18, 2022Calendars

    Placed on Senate Legislative Calendar under General Orders. Calendar No. 527.

  2. Oct 18, 2022Committee

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Peters under authority of the order of the Senate of 10/14/2022 with an amendment in the nature of a substitute and an amendment to the title. With written report No. 117-177.

    Homeland Security and Governmental Affairs Committee
  3. Oct 18, 2022Committee14000

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Peters under authority of the order of the Senate of 10/14/2022 with an amendment in the nature of a substitute and an amendment to the title. With written report No. 117-177.

    Homeland Security and Governmental Affairs Committee
  4. Mar 30, 2022Committee

    Committee on Homeland Security and Governmental Affairs. Ordered to be reported with an amendment in the nature of a substitute favorably.

    Homeland Security and Governmental Affairs Committee
  5. Mar 23, 2022IntroReferral

    Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

    Homeland Security and Governmental Affairs Committee
  6. Mar 23, 2022IntroReferral10000

    Introduced in Senate

Reported to SenateOct 18, 202225

Healthcare Cybersecurity Act of 2022

This bill requires the Department of Health and Human Services (HHS) to undertake activities to improve the cybersecurity of the health care and public health sector.

HHS must coordinate with the Cybersecurity and Infrastructure Security Agency (CISA) on these activities; in particular, CISA must make resources, including cyber-threat indicators and appropriate defense measures, available to federal and nonfederal entities that receive information through HHS programs.

In addition, HHS must provide training on cybersecurity risks and mitigation strategies to owners of assets in the health care and public health sector.

HHS must also update the Healthcare and Public Health Sector Specific Plan, which guides the sector's effort to enhance the security and resilience of critical infrastructure. The updates must address, among other topics, the impact of the risks on rural entities and small- and medium-sized entities, cybersecurity workforce shortages in the sector, and challenges related to the COVID-19 emergency.

Introduced in SenateMar 23, 2022

Healthcare Cybersecurity Act of 2022

This bill requires the Cybersecurity and Infrastructure Security Agency (CISA) to undertake activities to improve the cybersecurity of the health care and public health sector.

Specifically, CISA must collaborate with the Department of Health and Human Services (HHS) to improve cybersecurity in that sector. This includes making resources, including cyber-threat indicators and appropriate defense measures, available to federal and nonfederal entities that receive information through HHS programs.

In addition, CISA must provide training on cybersecurity risks and mitigation strategies to owners of assets in the health care and public health sector.

CISA must also conduct a study on cybersecurity risks in the health care and public health sector. The study must address, among other topics, the impact of the risks on rural entities and small- and medium-sized entities, cybersecurity workforce shortages in the sector, and challenges related to the COVID-19 emergency.

Healthcare Cybersecurity Act of 2022 — Informed