Summary
Requires the 9-8-8 suicide prevention hotline to protect against cyber attacks and report any security problems to the government.
What problem does this solve?
The 9-8-8 suicide hotline handles sensitive data with no specific rules to protect it from hackers. This bill requires the hotline to protect its systems and report security issues, and it orders a study to find weak spots.
Who does this affect?
- Individuals using the 9-8-8 suicide prevention lifeline
- Local and regional crisis centers
- 9-8-8 network administrators
What does this bill do?
Requires cybersecurity protection for the lifeline
Adds a rule requiring the 9-8-8 suicide prevention hotline to take steps to protect itself from cyber attacks and fix known security weaknesses.
Mandates reporting of cyber attacks and weaknesses
Requires local crisis centers and the main network administrator to report any cyber attacks or security weaknesses they find to government officials in a reasonable amount of time.
Orders a study on cybersecurity risks
Directs the Comptroller General to conduct a study on the cybersecurity risks of the 9-8-8 lifeline and report the findings to Congress.
Clarifies who oversees technology
States that local crisis centers are responsible for their own technology, unless the main network administrator is given that power in their agreement.
What is the real world impact?
•
Protects the privacy of people in crisis
Ensures that personal and sensitive information shared by individuals using the 9-8-8 lifeline is kept safe from hackers and data breaches, which helps build trust in the service.
When does this start?
The new rules will start as soon as the bill is signed into law, with one specific deadline for a report.
Cybersecurity risk study
A study on the cybersecurity risks of the 9-8-8 lifeline must be completed and reported to Congress within 180 days of the bill becoming law.