On June 2, the Health Care Industry Cybersecurity Task Force released its 96-page final “Report on Improving Cybersecurity in the Health Care Industry” which outlines cybersecurity findings and recommendations for the government and healthcare industry. The creation of the Task Force and production of the Report was mandated by the Cybersecurity Information Sharing Act of 2015.

The Report concludes that “health care cybersecurity is a key public health concern that needs immediate and aggressive attention” and outlines six "imperatives" for enhancing cybersecurity, including increasing the security and resilience of medical devices and health information technology, better information-sharing about threats, and developing the healthcare work force capacity necessary to ensure cybersecurity awareness and technical capabilities. Among its other recommendations, the Task Force proposed that the Physician Self-Referral Law (Stark Law) and the federal Anti-Kickback Statute be amended to make it easier for large health systems to assist smaller practices with their cybersecurity, and that an ongoing public-private forum be created to address cybersecurity in healthcare.