The Internet of Things Cybersecurity Improvement Act of 2017 would require vendors who supply Internet of Things devices to the government ensure their devices are patchable, do not include unchangeable hard-coded passwords and are free from known security vulnerabilities.
The bill also promotes security research by enabling researchers to adopt coordinated vulnerability disclosure policies from federal contractors.
“This legislation would establish thorough, yet flexible, guidelines for federal government procurements of connected devices. My hope is that this legislation will remedy the obvious market failure that has occurred and encourage device manufacturers to compete on the security of their products,” Sen. Mark R. Warner, D-Va., one of the bills three authors, said.
Sens. Cory Gardner, R-Colo., Ron Wyden, D-Ore., and Steve Daines, R-Mont., join Mr. Warner in sponsoring the legislation.
More articles on health IT:
11 healthcare security incidents reported in July
Kaleida Health reports phishing attack
Appeals court rules health insurance customers can sue for data breach
