Senior living should be excluded from proposed federal cybersecurity reporting requirements: AHCA/NCAL

The American Health Care Association/National Center for Assisted Living (AHCA/NCAL) has argued that certain senior living facilities should be excluded from new cybersecurity reporting requirements, due to their unique position in healthcare. The Department of Homeland Security’s proposed Cyber Incident Reporting for Critical Infrastructure Act would require such facilities to report cybersecurity incidents within 72 hours, and suggested excluding assisted living communities and nursing homes from these requirements.