The latest healthcare data breach, which involved a massive hack of Excellus Blue Cross Blue Shield, has a U.S. senator calling for action on a cybersecurity bill that has been stalled in Congress, according to a report by The Hill.
Sen. Charles Schumer (D-N.Y.) says it is time for Congress to act on the cybersecurity bill following the revelation last week of Excellus's attack, which was among the 10 largest healthcare data breaches ever reported.
"Excellus BlueCross BlueShield now joins a long list of companies that have been the victim of a cyberattack, including Target, JP Morgan, SONY, and countless others," Schumer says in a statement. "The fact that this data breach was not discovered for 19 months just goes to show how sophisticated online hackers are and how much work we have to do when it comes to protecting our personal information."
Schumer says he wants Congress to move forward in passing the Cybersecurity Information Sharing Act to improve data sharing on cybersecurity threats between private companies and the government. He also says the latest hack highlights the need for universal data breach notification standards to protect consumers.
He urges Congress to bring the cybersecurity bill to the floor and to strengthen cyber protections, including requiring companies to notify victims of data breaches in a timely manner that their personal information may have been compromised so they can take steps to protect against identity theft.
A vote on the cybersecurity bill, introduced in the Senate in July 2014, has been delayed amid debate over other legislation, according to a report on Healthcare Informatics.
The breach reported by Excellus is just the latest in a number of cyber attacks reported on healthcare organizations. Fellow insurers Anthem, Premera Blue Cross and CareFirst all have experienced their own cyberattacks. Some cyber attacks that occurred in the past are just now coming to light as more healthcare organizations are ratcheting up their information security efforts, FierceHealthPayer previously reported.