N.Y. hospitals face stiff cybersecurity requirements under proposed rules
By 
Adrianne Appel2023-11-15T21:09:00
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
The proposed rules, which would require the reporting of material cyber incidents within two hours, are designed to strengthen the cybersecurity of hospitals and their networks, said New York Gov. Kathy Hochul in a press release Monday.
Complying with the proposed rules would initially cost hospitals tens of thousands or tens of millions of dollars, according to the draft rules, which noted program maturity as a dictating factor. Hospitals would be allowed to subcontract for cybersecurity services.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefHHS: New cybersecurity regs on the way for hospitals
Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.
-
PremiumN.Y. law to pose hurdle for RIA’s off-channel comms supervision efforts
A New York state law that takes effect next year will make it more difficult for registered investment advisers in the state to conduct proactive testing for violations of their firms’ off-channel communication policies.
-
News BriefAmended N.Y. cyber regs up pressure on financial firms to combat risks
New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
More from Regulatory Policy
-
ArticleU.K. listed companies must adapt to new sustainability reporting regime by 2027
Sustainability reporting rules for U.K. listed companies are set to change. The U.K. financial regulator has launched a consultation laying out its proposals, which aim to align the reporting regime with the international ISSB standards.
-
ArticleU.K. ‘buy now pay later’ regulation signals end of ‘Wild West’ fintech loans system
Firms offering “buy now, pay later” financing will become part of the regulated financial services sector in the U.K. from July 15. Compliance teams must act now to ensure they are ready to introduce rules and establish creditworthiness assessment processes, adapt systems, and change data processes before the deadline.
-
ArticleNew EU rules will force companies to come clean on pay
New rules that will be introduced this June will require companies based in the European Union (EU) to explain why some workers are paid more money for the same job and remedy any “unjustified” discrepancies.