9–8–8 Lifeline Cybersecurity Responsibility Act

This bill would enhance protections for the 9-8-8 Suicide and Crisis Lifeline, a critical mental health service that connects people in crisis to support. The legislation was introduced in response to a 2022 cyberattack that caused the lifeline to go offline, leaving people in suicidal crisis without access to help. If enacted, the bill would require the lifeline's network administrator to report cybersecurity vulnerabilities and incidents to federal health officials within 24 hours of discovery, and would mandate that local and regional crisis centers participating in the lifeline report such issues to the network administrator. The bill would also require the Government Accountability Office to conduct a study evaluating cybersecurity risks and vulnerabilities in the 9-8-8 system and report findings to Congress. These measures aim to ensure the lifeline remains operational and secure so that Americans in mental health crisis can reliably access this vital service.