Lexology November 28, 2023
Ropes & Gray LLP

On November 13, 2023, New York Governor Kathy Hochul announced the release of proposed statewide hospital cybersecurity regulations that would require state-licensed hospitals to establish cybersecurity programs, policies and procedures (the “Proposed Regulations”).1 The Proposed Regulations feature requirements regarding cybersecurity policies and procedures, personnel, user authentication methods, security risk assessments, incident response plans, and two-hour reporting of certain incidents.

If approved by the New York State Public Health and Health Planning Council (“PHHPC”) and subsequently finalized, the Proposed Regulations would supplement federal Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule requirements but would be broader in some respects, including with regard to what information is subject to the requirements.

Proposed Hospital Cybersecurity Requirements. Notable requirements of the Proposed Regulations...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, Provider, Regulations, States, Technology
Related Articles:
5 Cybersecurity Priorities for The Trump Administration
How to protect telemedicine from cyberattacks
AI-Driven Cybersecurity And Compliance: Integrating Finance, HR And Legal
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
3 leadership lessons we can learn from ethical hackers

Share This Article