Healthcare Cybersecurity Act of 2022
This bill requires the Cybersecurity and Infrastructure Security Agency (CISA) to undertake activities to improve the cybersecurity of the health care and public health sector.
Specifically, CISA must collaborate with the Department of Health and Human Services (HHS) to improve cybersecurity in that sector. This includes making resources, including cyber-threat indicators and appropriate defense measures, available to federal and nonfederal entities that receive information through HHS programs.
In addition, CISA must provide training on cybersecurity risks and mitigation strategies to owners of assets in the health care and public health sector.
CISA must also conduct a study on cybersecurity risks in the health care and public health sector. The study must address, among other topics, the impact of the risks on rural entities and small- and medium-sized entities, cybersecurity workforce shortages in the sector, and challenges related to the COVID-19 emergency.