Biden cybersecurity plan for hospitals entails carrots first, then sticks, health official says

WASHINGTON — The Biden administration’s plan to improve cybersecurity at hospitals starts off with incentives, but eventually hospitals will face penalties for not adopting measures to protect patient data, HHS Deputy Secretary Andrea Palm said Monday.

In February, a cyberattack against Change Healthcare, a UnitedHealth Group subsidiary that operates the largest medical claims clearinghouse in the country, left many doctors unable to get paid by Medicare. The administration had already published a cybersecurity plan in December, but the Change breach turbocharged the issue.

The Department of Health and Human Services has proposed setting aside $1.3 billion to pay hospitals to beef up their systems.

STAT+ Exclusive Story

Already have an account? Log in

This article is exclusive to STAT+ subscribers

Unlock this article — plus daily intelligence on Capitol Hill and the life sciences industry — by subscribing to STAT+.

Already have an account? Log in

Already have an account? Log in

Individual plans

Group plans

Monthly

$39

Totals $468 per year

$39/month Get Started

Totals $468 per year

Starter

$30

for 3 months, then $39/month

$30 for 3 months Get Started

Then $39/month

Annual

$399

Save 15%

$399/year Get Started

Save 15%

11+ Users

Custom

Savings start at 25%!

Request A Quote Request A Quote

Savings start at 25%!

2-10 Users

$300

Annually per user

$300/year Get Started

$300 Annually per user

View All Plans

Get unlimited access to award-winning journalism and exclusive events.

Subscribe

Log In