Senate moves one step closer to passing health care cyber reforms 

Staff Editor 2026-02-26

Senate moves one step closer to passing health care cyber reforms 

https://cyberscoop.com/senate-passes-health-care-cyber-reforms-cassidy/

Publish Date: 2026-02-26 15:37:00

Source Domain: cyberscoop.com

A key Senate Committee moved to advance legislation that would overhaul cybersecurity practices at the Department of Health and Human Services.

The bipartisan Health Care Cybersecurity and Resiliency Act sailed through the Senate Health, Education and Labor Committee Thursday on a 22-1 vote, with only Sen. Rand Paul, R-Ky., opposing it.

The legislation, sponsored by committee chair Bill Cassidy, R-La., and Sens. Mark Warner, D-Va., John Cornyn, R-Texas and Maggie Hassan, D-NH, would require the Secretary of Health and Human Services to develop a cybersecurity incident response plan for the department and provide it to Congress for review.

It would direct the department to partner with the Cybersecurity and Infrastructure Security Agency on oversight of cybersecurity in the health care and public health sectors, create specific cybersecurity guidance for rural healthcare providers and develop a plan to boost cybersecurity literacy within the healthcare workforce.

Cassidy and other members cited the 2024 Change Healthcare attack as a major driver for the legislation, arguing the incident was emblematic of a sector that is under constant siege from cybercriminals, ransomware actors and nation-states.

“Last year there were more than 730 cyber breaches affecting over 270 million Americans [connected to] Change Healthcare, exposing 190 million people’s data and delaying access to care.”  Cassidy said at the opening of the hearing.

Another provision would designate the Administration for Strategic Preparedness and Response at HHS as the Sector Risk Management Agency for the Healthcare and Public Health sectors.

Earlier this month, an HHS official from that office speaking at CyberTalks, presented by CyberScoop, said the Change Healthcare attack took many private and public sector defenders by surprise, underscoring how the compromise of a little-known third-party service provider concentrated within a single sector can still take…

Source

More Stories

Gaming soundbar can be hijacked from over 16 yards away without touch or pairing — the company allegedly refuses to label the blatant security flaw a cybersecurity risk

Gaming soundbar can be hijacked from over 16 yards away without touch or pairing — the company allegedly refuses to label the blatant security flaw a cybersecurity risk

Staff Editor 2026-06-06
White House EO Seeks Early Evaluation of Frontier AI Models

White House EO Seeks Early Evaluation of Frontier AI Models

Staff Editor 2026-06-06
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy