Top health lawmakers voice concern about HHS's implementation of cyber law

Top health lawmakers voice concern about HHS's implementation of cyber law
© Getty

A bipartisan group of House and Senate lawmakers are raising concerns about how the Department of Health and Human Services (HHS) is implementing a cyber law that aims to boost security by providing digital threat data.

In a letter on Tuesday, the top lawmakers on the House Energy and Commerce Committee and the Senate Health, Education, Labor, and Pensions (HELP) Committee pressed HHS Secretary Alex Azar to provide more information about executing the Cybersecurity Information Sharing Act (CISA). 


“As cyber threats to the health care sector increase in frequency and severity, it is imperative that HHS provide clear and consistent leadership and direction to the sector regarding cyber threats,” the lawmakers wrote. 

The lawmakers argued that the agency's cybersecurity strategy has continued to change since HHS delivered its Cyber Threat Preparedness Report (CTPR) to the committee last April, and even that “report omitted or lacked sufficient detail on many outstanding issues.”

"HHS’s decision to present to our committees a report that was outdated, incomplete, and inaccurate raises concerns about HHS’s ability to address the growing number and severity of cyber threats facing the health care sector," the letter reads.

The lawmakers pointed to a series of information gaps that they said HHS needs to address, particularly the lack of information the report had on HHS's Healthcare Cybersecurity and the Department of Homeland Security's Communications Integration Center (HCCIC).

"The HCCIC was announced in April 2017 with the intention that it would be operational by June 2017. The absence of the HCCIC within the CTPR in May of 2017 renders the report outdated, incomplete, and inaccurate," they wrote, noting confusion regarding the role and status of the the center.

"The HCCIC’s surprise announcement, initial success, and subsequent troubles, combined with the inadequacies in the CTPR, have exacerbated the very issues that CISA was intended to address," they concluded.

House Energy and Commerce Committee Chairman Greg WaldenGregory (Greg) Paul WaldenHouse committee considering subpoena for Twitter CEO: report Top Republicans concerned over impact of potential Trump drug rule Apple jabs ‘other companies’ in defending customer data policies to lawmakers MORE (R-Ore.) and ranking member Frank Pallone Jr.Frank Joseph PalloneDem: Trump ‘placing politics over our national security’ by revoking Brennan’s clearance House Dems press FCC chairman for answers on false cyberattack claim House Dems call for new FCC probe into Sinclair MORE (D-N.J.) and Senate HELP Committee Chairman Lamar AlexanderAndrew (Lamar) Lamar AlexanderGovernor's race grabs spotlight in Tennessee primaries A single courageous senator can derail the Trump administration GOP worries trade wars will last as Trump engages in temporary tiffs MORE (R-Tenn.) and ranking member Patty MurrayPatricia (Patty) Lynn MurrayGOP leader criticizes Republican senators for not showing up to work Senate Dems press Sessions for records on racial discrimination complaints Dem senators introduce resolution calling on Trump to stop attacking the press MORE (D-Wash.) all signed on to the letter.