Washington Debrief: Lawmakers Explore Cyber Risks of Connected Devices, IoT in Hearing | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Washington Debrief: Lawmakers Explore Cyber Risks of Connected Devices, IoT in Hearing

November 21, 2016
by Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
| Reprints

Key Takeaway: The House Committee on Energy and Commerce held a joint hearing last week to examine the role of connected devices, including medical devices, and their role in recent cyber attacks.

Why It Matters: The internet of things (IoT) and the growth of connected devices has exposed additional security vulnerabilities, presenting new avenues for bad actors to exploit, including in healthcare. Among the many devices that could be coopted by threat actors are medical devices, both in the traditional sense and those that blur the lines between consumer devices with the potential to inform clinical decision making.

CHIME and AEHIS submitted a statement that was included in the hearing record that outlined the role medical devices could play in a distributed denial of service attack (ddos) and possible actions for Congress to take to enhance security of medical devices in coordination with the Food and Drug Administration (FDA). Among the recommendations included ensuring the FDA has proper resources to manage vulnerability disclosures and to evaluate security during the device approval process.

Members of the Subcommittees on Communications and Technology and Commerce, Manufacturing and Trade explored the range of security issues facing the healthcare industry, including roles and responsibilities for medical device manufacturers and healthcare providers. Members and witnesses discussed what incentives may need to be inserted into the marketplace to ensure that security is intrinsically designed into the product rather than added as an afterthought.

Congressional Outlook for the Remainder of 2016 – 21st Century Cures, Government Funding

Key Takeaway: As the final days of the 114th Congress come to a close a few healthcare bills may still stand a chance.

Why It Matters: Congress is set to adjourn for the year on December 16, leaving limited time to consider legislation. Among the top legislative candidates for consideration that includes health IT provisions is the 21st Century Cures Act, which will be reconciled with the work of the Senate Health, Education, Labor and Pensions Committee’s Innovation Initiative.

 The House passed a comprehensive bill, the 21st Century Cures Act (HR 6) in an overwhelmingly bipartisan fashion in July 2015, which included provisions on interoperability, information blocking and telehealth. The Senate HELP Committee instead approved a number of individual bills, including the Improving Health Information Technology Act (S.2511) which also addressed a number of health IT issues. CHIME staff has compared the health IT provisions of the two existing bills here.

Another bill that CHIME would like to be considered is the EHR Regulatory Relief Act (S.3173). This legislation sponsored by Senator John Thune (R-SD) and the group of republican senators known as the “REBOOT” group, would instate 90-day reporting periods for the Meaningful Use program perpetually as well as adjust the troublesome all-or-nothing structure of the EHR Incentive Program for all providers beginning in the 2016 program year and for eligible hospitals thereafter when Medicare clinicians move to the Quality Payment Program (QPP) established by the Medicare Access and CHIP Reauthorization Act. CHIME has endorsed this legislation and if you’d like to tell you Congressional delegation to support this legislation, you can do so here.  

The current government funding package expires on December 6, therefore Congress must also pass either short-term continuing resolution (CR) or a series of appropriations bills to fund the government through FY17. Most recent discussions suggest that a short-term package will fund the federal government through March of 2017 to allow the new Administration and new Congress to influence the funding package based on their policy priorities.

Health IT Money

Key Takeaway: AHRQ Funding Opportunity

Why it Matters: AHRQ intends to publish a Funding Opportunity Announcement to conduct research that demonstrates how health information technology (IT) can improve patient-centered health outcomes and quality of care in primary care and other ambulatory settings through the scale and spread of successful, health IT-enabled practice models that use patient-reported outcome (PRO) measures to achieve these objectives. More information can be found here.

New NIST Cyber Resource


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More