The health care system cannot deliver effective and safe care without deeper digital connectivity. If the health care system is connected, but insecure, this connectivity could betray patient safety, subjecting them to unnecessary risk and forcing them to pay unaffordable personal costs. Our nation must find a way to prevent our patients from being forced to choose between connectivity and security. In the Cybersecurity Act of 2015 (the Act), Congress established the Health Care Industry Cybersecurity (HCIC)
Task Force to address the challenges the health care industry faces when securing and protecting itself against cybersecurity incidents, whether intentional or unintentional. Real cases of identity theft, ransomware, and targeted nation-state hacking prove that our health care data is vulnerable.
Data collected for the good of patients and used to develop new treatments can be used for nefarious purposes such as fraud, identity theft, supply chain disruptions, the theft of research and development, and stock manipulation. Most importantly, cybersecurity attacks disrupt patient care