Sec. 7. Identifying high-risk covered assets
211 words·~1 min read·
/bill/119/hr/3841/ih/section-7A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary, in consultation with the Director and health sector owners and operators, as appropriate, may establish objective criteria for determining whether a covered asset may be designated as a high-risk covered asset, provided that such criteria shall align with the methodology promulgated by the Director for identifying functions relating to critical infrastructure, as defined in section 1016(e) of the Critical Infrastructures Protection Act of 2001 ( 42 U.S.C. 5195c(e) ), and associated risk assessments.
The Secretary may develop a list of, and notify, the owners and operators of each covered asset determined to be a high-risk covered asset using the methodology promulgated by the Director pursuant to subsection (a). The Secretary may— biannually review and update the list of high-risk covered assets developed under paragraph (1); and notify the owners and operators of each covered asset added to or removed from the list as part of a review and update of the list under subparagraph (A).
The Secretary shall notify Congress when an initial list of high-risk covered assets is developed under paragraph
(1)and each time the list is updated under paragraph (2). The list developed and updated under this subsection may be used by the Department to prioritize resource allocation to high-risk covered assets to bolster cyber resilience.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 7
Identifying high-risk covered assets
Cites 1Cited by 0 across 0 sources