American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators.
The Health Care Cybersecurity and Resiliency Act of 2024 [PDF], introduced on Friday by US Senators Bill Cassidy (R-Louisiana), Mark Warner (D-Virginia), John Cornyn (R-Texas), and Maggie Hassan (D-New Hampshire), would, among other things, require better coordination between the Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) around cybersecurity in the healthcare and public health sector.
This includes giving HHS a year to implement a cybersecurity incident response plan and update the types of information displayed publicly via the department’s breach reporting portal.
Read the rest of the story at The Register.
