AHA Testifies on Regulatory Burden, Cybersecurity

Jul 18, 2018 - 03:24 PM
cybersecurity-hand-lock-graphic_900x400

The AHA today discussed the need to reduce the regulatory burden on providers to improve patient care during a House Committee on Oversight and Government Reform Subcommittee on Intergovernmental Affairs hearing.
 
“A reduction in administrative burden will enable providers to focus on patients, not paperwork, and reinvest resources in improving care, improving health and reducing costs,” said John Riggi, AHA senior advisor for cybersecurity and risk.
 
Riggi said that “while federal regulation is necessary to ensure that health care patients receive safe, high-quality care, in recent years, clinical staff — doctors, nurses and caregivers — find themselves devoting more time to regulatory compliance, taking them away from patient care. Some of these rules do not improve care, and all of them raise costs.”
 
Specifically, Riggi discussed an AHA report on regulatory burden, which, among other findings, revealed that health systems, hospitals and post-acute care providers must comply with 629 discrete regulatory requirements across nine domains and spend nearly $39 billion a year solely on the administrative activities related to regulatory compliance. In addition, he said, an average-size hospital dedicates 59 full-time equivalents to regulatory compliance, over one-quarter of which are doctors and nurses, pulling clinical staff away from patient care responsibilities.
 
In AHA’s written statement for the hearing, Riggi also discussed the unique cybersecurity challenges confronting the health care sector, and how hospitals and health systems are responding.
 
“Hospitals and health systems have made great strides to defend their networks, secure patient data, preserve the efficient delivery of health care services, and most importantly, protect patient safety,” Riggi said. “However, we cannot do it alone. We need more active support from the government to defend patients from cyber threats … a ‘whole of nation approach’ is what is truly needed.”

Related News Articles

Headline
Open-source text program Notepad++ impacted by critical vulnerability
The National Institute of Standards and Technology Feb. 2 published details on a critical vulnerability that impacted Notepad++, a free, open-source text and…
Headline
FBI launches campaign to protect hospitals, other critical infrastructure against cyberattacks
The FBI has launched a two-month campaign, Operation Winter SHIELD (Securing Homeland Infrastructure by Enhancing Layered Defense), highlighting 10 actions…
Headline
Guides offer strategies on preparing for public health emergencies, cybersecurity incidents 
Two AHA guides offer strategies for hospitals and health systems in preparing for public health emergencies and disasters and managing cybersecurity incidents…
Headline
AHA urges HRSA to stop Eli Lilly’s 340B claims-data submission policy from going into effect 
The AHA Jan. 26 urged the Health Resources and Services Administration to take immediate action to stop a new Eli Lilly and Company policy from taking effect…
Headline
AHA podcast: Cybersecurity on the Health Care Front Lines Against AI and Ransomware
Larry Pierce, director of cybersecurity and information security officer for Atlantic Health, unpacks how the growth of artificial intelligence is reshaping…
Headline
Agencies issue guidance on secure connectivity for operational technology
U.S. and international agencies Jan. 14 released guidance on secure connectivity for operational technology environments. Examples of OT environments in health…