Cyber Awareness and Recovery Enhancement Act of 2013 or the CARE Act of 2013 - Directs the Secretary of Homeland Security (DHS) to develop and provide to the Secretary of Health and Human Services (HHS) risk-based, performance-based cybersecurity standards for the federal information technology requirements under the Patient Protection and Affordable Care Act, including the healthcare.gov website.
Requires the HHS Secretary to: (1) adopt and implement such standards, and (2) submit an annual report to Congress regarding cyber incidents relating to such requirements.
[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3847 Introduced in House (IH)]
113th CONGRESS
2d Session
H. R. 3847
To require the Secretary of Homeland Security the responsibility to
develop and provide to the Secretary of Health and Human Services risk-
based, performance-based cybersecurity standards for the Federal
information technology requirements under the Patient Protection and
Affordable Care Act, including the healthcare.gov website, and for
other purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
January 10, 2014
Mr. Barber (for himself, Mr. Daines, and Ms. Sinema) introduced the
following bill; which was referred to the Committee on Energy and
Commerce, and in addition to the Committee on Oversight and Government
Reform, for a period to be subsequently determined by the Speaker, in
each case for consideration of such provisions as fall within the
jurisdiction of the committee concerned
_______________________________________________________________________
A BILL
To require the Secretary of Homeland Security the responsibility to
develop and provide to the Secretary of Health and Human Services risk-
based, performance-based cybersecurity standards for the Federal
information technology requirements under the Patient Protection and
Affordable Care Act, including the healthcare.gov website, and for
other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Cyber Awareness and Recovery
Enhancement Act of 2013'' or the ``CARE Act of 2013''.
SEC. 2. CYBERSECURITY FOR HEALTHCARE.GOV WEBSITE.
(a) In General.--Notwithstanding the requirements of the Federal
Information Security Management Act of 2002 (44 U.S.C. 3531 et seq.) or
any other provision of law, not later than 90 days after the date of
the enactment of this Act, the Secretary of Homeland Security shall
develop and provide to the Secretary of Health and Human Services risk-
based, performance-based cybersecurity standards for the Federal
information technology requirements under the Patient Protection and
Affordable Care Act (Public Law 111-148), including the healthcare.gov
website (or any successor website). Such standards shall be based on
cybersecurity best practices, and on homeland security information that
the Secretary of Homeland Security has collected, analyzed, and
disseminated about cyber threats, vulnerabilities, and consequences.
(b) Consultation.--In carrying out the cybersecurity standards
described in subsection (a), the Secretary of Homeland Security shall
consult with the Secretary of Health and Human Services.
(c) Implementation and Enforcement.--Not later than 90 days after
receiving the cybersecurity standards described in subsection (a), the
Secretary of Health and Human Services shall adopt and implement such
cybersecurity standards.
(d) Enforcement.--The Secretary of Health and Human Services shall
submit to Congress an annual report on cyber incidents relating to the
Federal information technology requirements under the Patient
Protection and Affordable Care Act, including the healthcare.gov
website (or any successor website).
<all>
Introduced in House
Introduced in House
Sponsor introductory remarks on measure. (CR H138)
Referred to the Committee on Energy and Commerce, and in addition to the Committee on Oversight and Government Reform, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Referred to the Committee on Energy and Commerce, and in addition to the Committee on Oversight and Government Reform, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Referred to the Subcommittee on Health.
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line