CHIME, AEHIS Voice Support for Medical Device Cybersecurity Act | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

CHIME, AEHIS Voice Support for Medical Device Cybersecurity Act

August 2, 2017
by Rajiv Leventhal
| Reprints

Two healthcare IT industry groups—CHIME and AEHIS—have voiced their support for a bill that would aim to make the cybersecurity capabilities of medical devices more transparent to providers, and which would clarify expectations concerning security enhancements and maintenance of medical devices.

The legislation, (S.1656), the Medical Device Cybersecurity Act of 2017, was introduced by Senator Richard Blumenthal (D-CT) last week. The bill also establishes a cybersecurity emergency response team.

The Department of Health and Human Services’ (HHS) Health Care Industry Cybersecurity Task Force report, delivered to Congress in June, highlighted the critical state of the healthcare industry’s cybersecurity posture. Among many other issues, the report offered a number of suggestions to improve medical device cybersecurity, some of which have been included in the Medical Device Cybersecurity Act of 2017.

Drilling down, the Medical Device Cybersecurity Act of 2017 seeks to improve medical device security with actions such as:

• Increasing transparency of medical device security by creating a cyber report card for devices and mandating testing prior to sale

• Bolstering remote access protections for medical devices in and outside of the hospital

• Ensuring crucial cybersecurity fixes or updates remain free and do not require FDA recertification

Recent statements by Liz Johnson, CHIME (the College of Healthcare Information Management Executives) board chair and CIO of Acute Care Hospitals and Applied Clinical Informatics at Tenet Healthcare and Deborah Stevens, AEHIS (the Association for Executives in Healthcare Information Security) board chair and chief security officer at Tufts Health Plan showed support for the legislation.

“CHIME members continue to identify cybersecurity as their top priority. The potential risks that networked medical devices pose to patients have been of great concern for our membership,” said Johnson. “We appreciate Senator Blumenthal’s leadership and interest in this complicated issue as providers try to ensure that patients get the benefits that medical devices offer without exposing them to potential safety risks. CHIME is pleased to endorse this legislation. We look forward to continuing a dialogue with members of Congress, the administration and industry partners on this critical issue.”

Added Stevens, “The recent cyber attacks underscore the importance of this legislation. WannaCry and Petya shined a bright light on the vulnerabilities in the healthcare sector and more specifically with medical devices. On behalf of the AEHIS membership we applaud Senator Blumenthal for taking on this important issue.”

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Healthcare Groups Call for Improvements to Prior Authorization Process

A collaborative of healthcare organizations, including the American Medical Association, the American Hospital Association, and the Medical Group Management Association, released a joint statement this week calling for improved prior authorization procedures, including automating the process to improve transparency and efficiency.

Aetna to Pay $17M in HIV Privacy Breach Lawsuit

Hartford-based Aetna is settling a lawsuit for $17 million over a privacy breach in which the insurer potentially revealed the HIV status of thousands of customers via letters that were mailed out.

Four Health Systems Plan to Form Not-for-Profit Generic Drug Company

Four health systems, in consultation with the VA, have announced that they are collaborating to develop a new, not-for-profit generic drug company with the aim of making generic medications more available and more affordable for patients and bringing more competition to the generic drug market.

Health Sciences South Carolina Wins ‘Best in Show’ at FHIR Applications Roundtable

At the HL7 FHIR Applications Roundtable held in New Orleans in December, Health Sciences South Carolina (HSSC) was voted Best in Show for its clinical data repository for South Carolina hospitals.

2018 Most Influential Women in Health IT Awardees Announced

Four healthcare IT leaders—Ann O’Brien, R.N., Judy Murphy, R.N., Jessica Kahn and Vice Admiral Raquel C. Bono—have been named as the 2018 awardees of HIMSS’ Most Influential Women in Health IT.

Reports: DoD-Cerner EHR Rollout Postponed for 8 Weeks

The Department of Defense (DoD) and Cerner are suspending their MHS Genesis electronic health record (EHR) modernization project for eight weeks, according to multiple media reports.