INDIANAPOLIS – Some Indiana lawmakers want certain hackers to face harsher penalties.
Senate Bill 159 would elevate the charge for “computer trespass,” when someone accesses a computer system or network without the owner’s permission, from a misdemeanor to a level 5 or 6 felony if the breached data contains a person’s financial or health information.
Many health care providers are all too familiar with the threat of cyberattacks.
The network at Johnson Memorial Health detects hacking attempts every hour, according to Dr. David Dunkle, president and CEO.
“It’s scary,” Dr. Dunkle said. “It’s really scary.”
Dunkle’s organization dealt with a breach in 2021, but the criminals didn’t gain access to patients’ information, he said.
Johnson Memorial is one of several health care providers who have been breached in recent years.
“I do worry,” Dr. Dunkle said. “I worry that hospitals that are being crunched out there financially will skimp and be vulnerable.”
State Sen. Michael Crider (R-Greenfield), who introduced the bill, said he wants to give potential hackers a stronger deterrent.
“Granted, it’s pretty rare that somebody ends up prosecuted under this statute or this area,” Crider said. “But if they do have an opportunity, does the penalty match the damage that’s done?”
Level 5 felonies carry penalties of one to six years in prison and a fine of up to $10,000.
During a committee hearing Tuesday, some questioned how much of an impact the change could have.
“I just don’t know if this legislation will address the issue,” Senate Minority Leader Greg Taylor (D-Indianapolis) told Crider. “I’m supportive of what you’re trying to do.”
“The marginal deterrents being created by this bill is not worth the cost of the proportionality and the charge-stacking problems,” said Zach Stock of the Indiana Public Defender Council.
The bill passed in committee on a nearly unanimous vote. It now heads to the full Senate for consideration.