The industry-wide program for naming and documenting vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a House panel.

Replace the device? Patch the software? Lawmakers want to know how to protect legacy medical equipment from cyberthreats.

Top Republicans on the House Committee on Energy and Commerce want to know why top tech companies sat on the chip flaws for more than six months.

A national effort is needed to ensure that the owners and operators of medical devices, hospital IT networks and electronic health records management systems can find out what software and other technologies are in the products they are buying.

"Consumers are getting taken to the woodshed, companies are making billions of dollars off our data and we've had it," said GOP Oregon Rep. Greg Walden, the chairman of the powerful House Energy and Commerce Committee.

When the ransomware crippled the British National Health Service last month, the response at the U.S. Department of Health and Human Services was led by a new cybersecurity watch center, officials told lawmakers.