Healthcare , Industry Specific , Law & Litigation
Virginia Democratic Senator Mark Warner on Improving Healthcare Cybersecurity
Marian Koluvasc McGee (Health InfoSec) •
February 2, 2023
Virginia Democratic Sen. Mark Warner, who chairs the Senate Intelligence Select Committee, this year will require entities in the health care sector to meet certain minimum cybersecurity standards and address other security concerns. He said he hopes to garner support for a new bipartisan law to encourage.
“It won’t be one senator to introduce a bill that crosses the finish line. It will have to be a collaborative effort,” he said in an interview with the Information Security Media Group.
Last November, Warner’s office published a 36-page report examining the state of cybersecurity in the healthcare sector. We concluded that cybersecurity is a patient safety issue and presented dozens of policy considerations that could help address a long list of industry challenges (see below). US Senator Says Cybersecurity Is Patient Safety).
The report, which solicited public feedback, received nearly 100 comments, he said.
Among those proposals was that entities participating in Medicare and Medicaid programs should be required to apply minimum security practices as standard operating procedures. Industry groups and most Republican lawmakers generally oppose the prospect of new federal mandates, but some medical institutions appear to be yearning for a more solid direction, Warner said. says.
“I found this to be very straightforward, which is very interesting. Many small hospital systems and even some groups of doctors have stated that it does not work voluntarily. I had to have a ,” he says.
“I worry that we are one of the big events on cyberhealth and everyone is like, ‘Oh my God,’ and Congress could overreact.”
In the video interview, Warner also discusses:
- Why cybersecurity leadership structures for the federal government’s fragmented healthcare sector need to be revamped;
- addressing the cybersecurity workforce shortage and the Food and Drug Administration’s recent expanded authority over medical device cybersecurity;
- Why was it a mistake a few years ago to not include an interoperability standard requirement as part of the HITECH Act financial incentive program for the “meaningful use” of electronic medical records?
Warner was elected to the U.S. Senate in 2008 and was reelected for a third term in November 2020. He chairs the Senate Intelligence Committee and serves on the Senate Finance, Banking, Budget, and Rules Committee. From 2002 he served as governor of Virginia until 2006. Prior to his public office, Warner co-founded a company that would become Nextel, where he spent 20 years as a technology and business leader in Virginia.