Sec. 6. Sector-specific risk management plan
Not later than 1 year after the date of enactment of this Act, the Secretary, in coordination with the Director, shall update the Plan, which shall include the following elements:
An analysis of how identified cybersecurity risks specifically impact covered assets, including the impact on rural and small- and medium-sized covered assets.
An evaluation of the challenges the owners and operators of covered assets face in— securing— updated information systems owned, leased, or relied upon by covered assets; medical devices or equipment owned, leased, or relied upon by covered assets, which shall include an analysis of the threat landscape and cybersecurity vulnerabilities of such medical devices or equipment; and sensitive patient health information and electronic health records; implementing cybersecurity protocols; and responding to data breaches or cybersecurity attacks, including the impact on patient access to care, quality of patient care, timeliness of health care delivery, and health outcomes.
An evaluation of the best practices for utilization of resources from the Agency to support covered assets before, during, and after data breaches or cybersecurity attacks, such as by Cyber Security Advisors and Cybersecurity State Coordinators of the Agency or other similar resources.
An assessment of relevant Healthcare and Public Health Sector cybersecurity workforce shortages, including— training, recruitment, and retention issues; and recommendations for how to address these shortages and issues, particularly at rural and small- and medium-sized covered assets.
An evaluation of the most accessible and timely ways for the Agency and the Department to communicate and deploy cybersecurity recommendations and tools to the owners and operators of covered assets.
Not later than 120 days after the date of enactment of this Act, the Secretary, in consultation with the Director, shall provide a briefing on the updating of the Plan under subsection (a) to— the Committee on Health, Education, Labor, and Pensions, the Committee on Finance, and the Committee on Homeland Security and Governmental Affairs of the Senate; and the Committee on Energy and Commerce, the Committee on Ways and Means, and the Committee on Homeland Security of the House of Representatives.