Sen. Ron Wyden, D-Ore., today criticized the Biden administration’s timeline to put healthcare cybersecurity regulations in place, saying that putting guardrails in place by the end of the year is “not soon enough.”

“They’re moving, there’s no question about it, but people need to see this as a four-alarm fire, and they need to go faster,” the senator said at a Semafor cybersecurity event on Tuesday.

AWS Summit
Tailored for the public sector community. Join us Jun 26-27. Learn more.

Following the February ransomware attack on Change Healthcare, which is a subsidiary of the UnitedHealth Group (UHG), members of Congress are increasing their scrutiny of UHG – including Sen. Wyden.

The congressman sent a letter on May 30 to Federal Trade Commission (FTC) Chair Lina Khan and U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler urging the agencies to hold UHG accountable for “negligent cybersecurity practices.”

“Our inquiry into UHG, in particular, that was a classic example of flunking cybersecurity 101,” Sen. Wyden said this morning. “They didn’t do the work upfront – which is multi-factor authentication – [and] then they weren’t prepared for problems.”

“I mean, this is just the basics of cybersecurity, and now we’re playing catch-up ball,” he added. “The Bush administration, I think was one of the last to do anything early in the century, and this makes healthcare facilities a prime target for bad guys who are trying to take advantage of technology to hurt people.”

Similar to the Biden administration’s National Cybersecurity Strategy, the Bush administration released the National Strategy to Secure Cyberspace back in 2003. However, cyberspace looks a lot different today than it did over 20 years ago.

“There haven’t been real changes since the beginning of the century,” Sen. Wyden said. “The last 15 years there has been a lot of foot-dragging, and the Biden administration, to their credit, are now moving, but they have to speed it up.”

“They’re doing better, but … it’s got to be sped up. They’re talking about having [regulations] ready to go at the end of the year – that’s not soon enough. Today, as we sit here, there’s no question that this is a prime target for people who want to take advantage of us,” he concluded.

Read More About
Recent
More Topics
About
Grace Dille
Grace Dille
Grace Dille is MeriTalk's Assistant Managing Editor covering the intersection of government and technology.
Tags