[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 9229 Introduced in House (IH)]

<DOC>






117th CONGRESS
  2d Session
                                H. R. 9229

       To amend the Public Health Service Act to codify certain 
   recommendations made by the Government Accountability Office with 
      respect to the Department of Health and Human Services and 
                 cybersecurity, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                            October 25, 2022

 Mr. Guthrie introduced the following bill; which was referred to the 
                    Committee on Energy and Commerce

_______________________________________________________________________

                                 A BILL


 
       To amend the Public Health Service Act to codify certain 
   recommendations made by the Government Accountability Office with 
      respect to the Department of Health and Human Services and 
                 cybersecurity, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Department of Health and Human 
Services Cybersecurity Coordination Act''.

SEC. 2. STRENGTHENING CYBERSECURITY AT DEPARTMENT OF HEALTH AND HUMAN 
              SERVICES.

    (a) In General.--Section 2811(b) of the Public Health Service Act 
(42 U.S.C. 300hh-10(b)) is amended by adding at the end the following:
            ``(8) Cybersecurity.--With respect to cybersecurity:
                    ``(A) Monitor, evaluate, and report on the progress 
                and performance of the Government Coordinating 
                Council's Cybersecurity Working Group and HHS 
                Cybersecurity Working Group.
                    ``(B) Ensure that authorizing Federal officials 
                review and approve the charter describing how the HHS 
                Cybersecurity Working Group will facilitate 
                collaboration with the HHS Chief Information Security 
                Officer Council, Continuous Monitoring and Risk Scoring 
                Working Group, and Cloud Security Working Group.
                    ``(C)(i) Finalize written agreements that include a 
                description of how the Government Coordinating 
                Council's Cybersecurity Working Group will collaborate 
                with advisory bodies focused on cybersecurity.
                    ``(ii) Identify the roles and responsibilities of 
                the Government Coordinating Council's Cybersecurity 
                Working Group.
                    ``(iii) Monitor and update the written agreements 
                on a regular basis.
                    ``(iv) Ensure that authorizing Federal officials 
                leading the working group approve the finalized 
                agreements.
                    ``(D) Update the charter for the Joint Healthcare 
                and Public Health Cybersecurity Working Group for the 
                current fiscal year and ensure that authorizing 
                officials leading the working group review and approve 
                the updated charter.''.
    (b) Additional Cybersecurity Coordination.--Subtitle A of title 
XXVIII of the Public Health Service Act (42 U.S.C. 300hh et seq.) is 
amended by adding at the end the following:

``SEC. 2804. CYBERSECURITY COORDINATION.

    ``The Secretary shall--
            ``(1) monitor, evaluate, and report on the progress and 
        performance of the HHS Chief Information Security Officer 
        Council, Continuous Monitoring and Risk Scoring Working Group, 
        and Cloud Security Working Group; and
            ``(2) regularly monitor and update written agreements 
        describing how the HHS Chief Information Security Officer 
        Council, Continuous Monitoring and Risk Scoring Working Group, 
        and Cloud Security Working Group will facilitate collaboration, 
        and ensure that authorizing Federal officials review and 
        approve the updated agreements under section 2811(b)(8)(C).''.
                                 <all>