AHA Voices Support for the Healthcare Cybersecurity Act (S.3904)

March 28, 2022

The Honorable Jacky Rosen                                 The Honorable Bill Cassidy, M.D.
United States Senate                                             United States Senate
713 Hart Senate Office Building                             520 Hart Senate Office Building
Washington, DC 20510                                          Washington, DC 20510

Dear Senators Rosen and Cassidy:

On behalf of our nearly 5,000 member hospitals, health systems and other health care organizations, our clinician partners — including more than 270,000 affiliated physicians, 2 million nurses and other caregivers — and the 43,000 health care leaders who belong to our professional membership groups, the American Hospital Association (AHA) writes in support of the Healthcare Cybersecurity Act (S.3904). AHA is committed to helping hospitals and health systems prepare for and prevent cyber-attacks.

We are pleased to support the introduction of this legislation as it will improve collaboration and coordination between the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS). This bill would assist hospitals and health systems by authorizing cybersecurity training for the Healthcare and Public Health (HPH) sector. We appreciate that the bill calls for an analysis of cybersecurity risks to the HPH sector with a focus on impacts to rural hospitals, vulnerabilities of medical devices, and cybersecurity workforce shortages, among other important issues. We also support the development of coordinated national defensive measures, an expansion of the cybersecurity workforce, disruption of bad actors that target U.S. critical infrastructure, and the utilization of a “whole of government” approach to increasing risk and consequences for those who commit attacks.

Great strides have been made by hospitals and health systems to defend provider networks, secure patient data, preserve health care delivery and, most importantly, protect patient safety. This bill takes first steps towards addressing many of the cybersecurity challenges facing hospitals and health systems.

We appreciate your leadership on this critical issue and look forward to working together to ensure passage of this legislation.



Stacey Hughes
Executive Vice President