Ransomware, Governance, Risk and Compliance, Government Regulations

Conditional expedited payments for cyberattack-hit health providers pushed in new bill

What if we made paying the ransom illegal?

Health providers across the U.S. impacted by cyberattacks would be able to receive advanced payments from the Centers for Medicare & Medicaid Services as long as they meet minimum cybersecurity standards under new legislation introduced by Senate Cybersecurity Caucus co-chair Mark Warner, D-Va., according to CyberScoop.

Such minimum cybersecurity standards should also be attained by cyberattack-hit third parties, according to the bill, which was proposed a month following the ransomware attack against UnitedHealth Group's payment processor subsidiary Change Healthcare that resulted in widespread disruptions across the U.S. healthcare system.

"It was only a matter of time before we saw a major attack that disrupted the ability to care for patients nationwide. The recent hack of Change Healthcare is a reminder that the entire healthcare industry is vulnerable and needs to step up its game. This legislation would provide some important financial incentives for providers and vendors to do so," said Warner.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.