As ransomware attacks on the healthcare industry grow, Rep. Ted Lieu (D-Calif.) says breach notification laws should be updated to reflect the new threat.
Lieu said he may propose a bill that would require providers to let their patients know when a ransomware attack has occurred at the facility, according to a Bloomberg BNA report.
In just the last few months, multiple healthcare organizations have fallen victim to ransomware, including Hollywood Presbyterian Medical Center, Ottawa Hospital in Canda and the Los Angeles Department of Health, among others.
Lieu also said because there is currently no requirement for hospitals to inform patients of ransomware incidents, it makes it hard for lawmakers to know how to prevent such attacks. The legislation could amend the HITECH Act to say that ransomware attack information should be disclosed to patients, Lieu said.
"It's difficult for policymakers, or anyone, to have a handle on the problem if we don't get information that it's happening," he said.
To learn more: