Lexology November 21, 2024
Holland & Knight LLP

New York hospitals have less than a year to dust off their Health Insurance Portability and Accountability Act (HIPAA) compliance programs and update them to comply with more stringent and detailed state regulations. Last month, the New York State Department of Health (NYSDOH) published a notice of adoption of new hospital cybersecurity requirements, codified at 10 NYCRR § 405.46, aimed at enhancing the protection of patients’ protected health information (PHI), as defined in HIPAA, and personally identifiable information (PII) (the Regulations). The Regulations create a number of requirements for general hospitals licensed under Article 28 of the Public Health Law. Regulated entities are expected to come into compliance by Oct. 2, 2025 (i.e., within one year of adoption), with the...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Regulations, States, Technology
Related Articles:
3 Must-Know Cyber and Risk Realities: What’s Ahead for Health Care in 2025
If Einstein Was Your CISO: Cybersecurity Lessons From Words Of Wisdom
Stop Sleeping On AI: Why Security Teams Should Embrace The Technology
Client-Centric Cybersecurity: Bridging The Gap Between Threats And Clients
Q&A: Rural hospitals need help with cybersecurity survival

Share This Article