Healthcare providers, health plans, and connected entities across the United States could soon be subject to minimum cybersecurity standards under the proposed Health Infrastructure Security and Accountability Act.

The legislation was introduced by Senate Finance Committee Chair Ron Wyden and Senate Intelligence Committee Chair Mark Warner.

The bill comes just months after the widespread Change Healthcare breach, which was linked to the absence of multi-factor authentication (MFA).

Under the proposed legislation, the Department of Health and Human Services (HHS) would be required to conduct data security audits of covered healthcare organizations.

The bill would also impose potential jail time for healthcare executives who knowingly make false cybersecurity claims.

Read the full article