The American Hospital Association has opposed mandatory cybersecurity requirements proposed for the healthcare sector following the ransomware attack against Change Healthcare, which has resulted in widespread prescription processing outages across the U.S., reports CyberScoop.
"Imposing fines or cutting Medicare payments would diminish hospital resources needed to combat cybercrime and would be counterproductive to our shared goal of preventing cyberattacks," wrote AHA President Richard Pollack in a letter to Sen. Ron Wyden, D-Ore., and Senate Finance Committee ranking member Sen. Mike Crapo, R-Idaho. Wyden noted that the pushback was expected. "Private-sector opposition to effective cybersecurity rules is the number one reason our critical infrastructure, particularly the healthcare sector, is so woefully unprepared for even unsophisticated cyberattacks," added Wyden. Despite the push to immediately address cybersecurity issues within the healthcare industry, any legislative push for such an objective is unlikely amid the upcoming midterm elections, according to a former congressional staffer. "I think industry is just going to just say 'let's ride this out the rest of the year and see where we are next year,'" added the staffer.