Addressing Health Care Cybersecurity Vulnerabilities: AHA Testifies Before House Energy and Commerce Subcommittee on Health

The recent cyberattack on Change Healthcare has sparked concerns about the vulnerabilities in the health care sector, prompting the American Hospital Association (AHA) to share proposals and concerns with Congress and the Administration.

During a hearing on April 16 before a House Energy and Commerce Subcommittee on Health, John Riggi, AHA’s national advisor for cybersecurity and risk, emphasized the need for a comprehensive approach to address cybersecurity threats in the health care sector. Riggi stressed that the focus should not only be on hospitals but on the entire health care ecosystem.

Riggi urged Congress to deploy a strong offensive cyber strategy to combat cybercrime in the health care sector, emphasizing the critical importance of protecting patient safety and public health. He highlighted the impact of cyberattacks on patient care, stating that any disruption or delay in care poses a threat to patient safety.

In addition to calling for a proactive approach to cybersecurity, Riggi also urged Congress to address the aftermath of the cyberattack on Change Healthcare. He emphasized the need to ensure that providers are able to resume services, process claims, and access financial support to mitigate the costs incurred as a result of the attack.

Other experts who testified at the hearing included Greg Garcia from the Healthcare Sector Coordinating Council, Robert Sheldon from CrowdStrike, Scott MacLean from the College of Healthcare Information Management Executives, and Dr. Adam Bruggeman from the Texas Spine Center.

The hearing shed light on the urgent need for enhanced cybersecurity measures in the health care sector to safeguard patient care and protect critical infrastructure. As cyber threats continue to evolve, it is crucial for policymakers and stakeholders to work together to strengthen defenses and mitigate risks in the ever-changing landscape of cybercrime.