WASHINGTON, D.C., USA — Northern Light Health computer servers found compromised over the weekend shined a spotlight on cybersecurity concerns.
In its wake, Senator Angus King, I-Maine, proposed a bill to ramp up security from the federal level down.
On Thursday, King introduced the Strengthening Cybersecurity in Health Care Act to the Senate. The bill would Require the US Department of Health and Human Services to more consistently evaluate its systems and provide regular reports to Congress. King said he had been working on the bill with Florida Republican Senator Marco Rubio for an extended period of time, and hoped it would help make local hospital systems safer as well.
"What the bill really requires is, it says to DHHS, 'We want to know what you’re doing, and we want regular reports, to see that you are reaching out to the hospital systems throughout the country,'" King explained during a Thursday morning Zoom interview. "So far, to be honest, I haven’t been satisfied."
The bill arrived on the heels of Northern Light Health finding its computer system compromised. Leadership claimed no patient records were involved.
Steven Michaud is president of the Maine Hospital Association, representing the interests of every hospital in the state. He said they, and hospitals around the country, have invested a lot of money into cybersecurity, but that Northern Light's incident was likely just the beginning of hacking issues to come, and said it is hard to keep pace with the criminals.
"[Hacking] is moving even faster than a lot of us can keep up with and, so, we welcome any help in that way, as Senator King is proposing," Michaud said.
With all of that said, regardless of the precautions Congress forced DHHS or hospitals to take, the vast majority of intrusions happen because a human clicked on something they shouldn’t.
"Your biggest protection is vigilance on your passwords and, really, that two-factor authentication," said Lori Sussman, a cybersecurity expert and professor at the University of Southern Maine.
"It all starts at the desktop," King said.