Obama Announces Cybersecurity Proposal Amid Recent Hacks
January 14, 2015 in News
On Tuesday, President Obama detailed a proposal designed to prompt legislation on cybersecurity, which he said is “a growing public safety and public health” concern as more data are stored online, the Los Angeles Times reports (Hennessey, Los Angeles Times, 1/13).
The announcement follows a major cyberattack on Sony Pictures, in which documents with identifiable health information on dozens of employees were released, including their:
- Dates of birth;
- Health conditions; and
- Heath costs (iHealthBeat, 12/18/14)
Under the new plan, the federal government would grant limited liability protection to companies that promptly share cyberthreat information with the government (Perera, Politico, 1/13). However, companies must take steps to remove any personally identifying data from the shared information (Strohm/Greiling Keane, Bloomberg/Health Data Management, 1/14).
Further, the proposal would expand the Department of Homeland Security’s outreach with certain organizations. For example, DHS would share cyberthreat data, such as Internet protocol addresses and routing information, with other federal agencies and private information-sharing organizations (Politico, 1/13).
In addition, the proposal would:
- Give the Federal Trade Commission the authority to issue penalties to non-compliant companies (Shear/Singer, New York Times, 1/11);
- Limit law enforcement’s use of shared information (Los Angeles Times, 1/13);
- Make it a crime to sell an individual’s online data overseas (New York Times, 1/11); and
- Require DHS and the Department of Justice to draft guidelines for the use, retention and destruction of data (Los Angeles Times, 1/13).
The Health Information Trust Alliance in an emailed statement said that it “applauds the White House’s proposal to encourage increased cyberthreat information sharing between the private sector and government.”
The group added that information sharing and analysis organizations “are a key link that will continue to provide value to strengthen our government … given the growing cyberthreats the nation faces.” The group expressed an interest in working with the Obama administration, Congress and DHS “as they continue to foster the formation of private-sector led information sharing, as well as existing information sharing relationships between government and the private sector” (HITRUST release, 1/13).