Hospitals could have to meet minimum cybersecurity standards to participate in the Medicare program, according to a list of potential proposals outlined Nov. 3 by U.S. Sen. Mark Warner, D-Va.
"For example, hospitals must have active programs to prevent the spread of hospital-acquired infections. Another example is that hospitals must have emergency and standby power systems," the report stated. "Many stakeholders believe cybersecurity is as important as those two examples, and that some minimum level of cybersecurity hygiene practices should be included in these regulations."
Another idea under consideration is whether cybersecurity expenses would be included in future Medicare payments. The report features a plethora of ideas to counter the growing cyberthreat in healthcare.
"Unfortunately, the healthcare sector is uniquely vulnerable to cyberattacks and the transition to better cybersecurity has been painfully slow and inadequate," Mr. Warner said in an accompanying news release. "The federal government and the health sector must find a balanced approach to meet the dire threats, as partners with shared responsibilities."