In the aftermath of a ransomware attack on Change Healthcare, which halted payments to pharmacies and hospitals, policymakers and lobbyists have been working tirelessly to develop strategies to prevent future attacks. These strategies include tying federal aid to cybersecurity requirements and creating new voluntary standards through public-private partnerships.
Washington is taking action to address the technology underpinning health care following this cyberattack. The incident has highlighted the vulnerabilities in just one company that can disrupt critical technology infrastructure that many health care providers and insurers rely on daily. Federal regulators have faced criticism for not being adequately prepared and not acting quickly enough in response to the incident.
Some lawmakers are calling for mandatory cybersecurity standards in the health care industry, including regular audits. They believe that these standards would help prevent future attacks and protect patients’ sensitive medical data. However, others argue that such standards could be costly and burdensome for small businesses, particularly those with limited resources and expertise.
Despite these concerns, there is growing consensus among policymakers, industry leaders, and cybersecurity experts that addressing the technology underpinning health care is crucial to protecting patient safety and privacy. They believe that by investing in better cybersecurity measures and creating stronger standards, they can help prevent future attacks and ensure that critical technology infrastructure remains secure and reliable.