[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 9229 Introduced in House (IH)]
<DOC>
117th CONGRESS
2d Session
H. R. 9229
To amend the Public Health Service Act to codify certain
recommendations made by the Government Accountability Office with
respect to the Department of Health and Human Services and
cybersecurity, and for other purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
October 25, 2022
Mr. Guthrie introduced the following bill; which was referred to the
Committee on Energy and Commerce
_______________________________________________________________________
A BILL
To amend the Public Health Service Act to codify certain
recommendations made by the Government Accountability Office with
respect to the Department of Health and Human Services and
cybersecurity, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Department of Health and Human
Services Cybersecurity Coordination Act''.
SEC. 2. STRENGTHENING CYBERSECURITY AT DEPARTMENT OF HEALTH AND HUMAN
SERVICES.
(a) In General.--Section 2811(b) of the Public Health Service Act
(42 U.S.C. 300hh-10(b)) is amended by adding at the end the following:
``(8) Cybersecurity.--With respect to cybersecurity:
``(A) Monitor, evaluate, and report on the progress
and performance of the Government Coordinating
Council's Cybersecurity Working Group and HHS
Cybersecurity Working Group.
``(B) Ensure that authorizing Federal officials
review and approve the charter describing how the HHS
Cybersecurity Working Group will facilitate
collaboration with the HHS Chief Information Security
Officer Council, Continuous Monitoring and Risk Scoring
Working Group, and Cloud Security Working Group.
``(C)(i) Finalize written agreements that include a
description of how the Government Coordinating
Council's Cybersecurity Working Group will collaborate
with advisory bodies focused on cybersecurity.
``(ii) Identify the roles and responsibilities of
the Government Coordinating Council's Cybersecurity
Working Group.
``(iii) Monitor and update the written agreements
on a regular basis.
``(iv) Ensure that authorizing Federal officials
leading the working group approve the finalized
agreements.
``(D) Update the charter for the Joint Healthcare
and Public Health Cybersecurity Working Group for the
current fiscal year and ensure that authorizing
officials leading the working group review and approve
the updated charter.''.
(b) Additional Cybersecurity Coordination.--Subtitle A of title
XXVIII of the Public Health Service Act (42 U.S.C. 300hh et seq.) is
amended by adding at the end the following:
``SEC. 2804. CYBERSECURITY COORDINATION.
``The Secretary shall--
``(1) monitor, evaluate, and report on the progress and
performance of the HHS Chief Information Security Officer
Council, Continuous Monitoring and Risk Scoring Working Group,
and Cloud Security Working Group; and
``(2) regularly monitor and update written agreements
describing how the HHS Chief Information Security Officer
Council, Continuous Monitoring and Risk Scoring Working Group,
and Cloud Security Working Group will facilitate collaboration,
and ensure that authorizing Federal officials review and
approve the updated agreements under section 2811(b)(8)(C).''.
<all>