AHA Testifies on Regulatory Burden, Cybersecurity

Jul 18, 2018 - 03:24 PM
cybersecurity-hand-lock-graphic_900x400

The AHA today discussed the need to reduce the regulatory burden on providers to improve patient care during a House Committee on Oversight and Government Reform Subcommittee on Intergovernmental Affairs hearing.
 
“A reduction in administrative burden will enable providers to focus on patients, not paperwork, and reinvest resources in improving care, improving health and reducing costs,” said John Riggi, AHA senior advisor for cybersecurity and risk.
 
Riggi said that “while federal regulation is necessary to ensure that health care patients receive safe, high-quality care, in recent years, clinical staff — doctors, nurses and caregivers — find themselves devoting more time to regulatory compliance, taking them away from patient care. Some of these rules do not improve care, and all of them raise costs.”
 
Specifically, Riggi discussed an AHA report on regulatory burden, which, among other findings, revealed that health systems, hospitals and post-acute care providers must comply with 629 discrete regulatory requirements across nine domains and spend nearly $39 billion a year solely on the administrative activities related to regulatory compliance. In addition, he said, an average-size hospital dedicates 59 full-time equivalents to regulatory compliance, over one-quarter of which are doctors and nurses, pulling clinical staff away from patient care responsibilities.
 
In AHA’s written statement for the hearing, Riggi also discussed the unique cybersecurity challenges confronting the health care sector, and how hospitals and health systems are responding.
 
“Hospitals and health systems have made great strides to defend their networks, secure patient data, preserve the efficient delivery of health care services, and most importantly, protect patient safety,” Riggi said. “However, we cannot do it alone. We need more active support from the government to defend patients from cyber threats … a ‘whole of nation approach’ is what is truly needed.”

Related News Articles

Headline
CISA releases guidance following reported legacy Oracle cloud breach
The Cybersecurity and Infrastructure Security Agency April 17 released guidance to reduce risks associated with a reported breach of Oracle cloud services.…
Headline
CMS to update SPA template for medication-assisted treatment benefit
The Centers for Medicare & Medicaid Services today released a notice seeking public comment on the collection of information request regarding the State…
Headline
ASHE releases 2025 Hospital Construction Survey 
Achieving operational and survey readiness on day one is an issue that many health care facilities professionals continue to grapple with, according to…
Headline
Agencies issue guidance on navigating deceptive online recruitment of current and former federal employees
The National Counterintelligence and Security Center, the FBI, and the Defense Counterintelligence and Security Center yesterday released guidance on…
AHA Cyber Intel
[Updated] 3 Must-know Cyber and Risk Realities: What’s Ahead for Health Care in 2025
While the rate of cyberattacks on hospitals has risen dramatically, the severity of the impacts has also grown exponentially. Let’s look at the state of cyber…
Headline
House subcommittee holds hearing on cybersecurity vulnerabilities in legacy medical devices
The House Energy and Commerce Oversight and Investigations Subcommittee April 1 discussed cybersecurity threats in legacy medical devices during a hearing. The…