New York's Cybersecurity Regulations - Safeguard Your Hospital Now

Governor Kathy Hochul has introduced a groundbreaking cybersecurity strategy for New York, marking a significant advancement in protecting hospitals from digital threats. This initiative is about more than compliance: it's about safeguarding the lifeblood of our hospitals and communities.

What Does This Mean for Your Hospital?

The proposed regulations extend beyond the HIPAA Security Rule, focusing on the robust protection of hospital networks and systems critical to patient care. All New York State hospitals will be required to comply with these regulations within one year of finalization.

Key Action Points for Your Hospital:

  1. Appoint a CISO: Your hospital must designate a Chief Information Security Officer to oversee cybersecurity policies, ensuring they are reviewed and updated annually.
  2. Establish a Cybersecurity Program: Develop a comprehensive program to assess risks, implement defensive measures, and prevent unauthorized access.
  3. Develop Incident Response Plans: Prepare detailed response plans for handling potential cybersecurity incidents, including notification protocols and drills to maintain patient care continuity.
  4. Evaluate and Test Applications: Formulate policies for the rigorous testing of application security, regardless of whether they are developed internally or acquired from third parties.
  5. Implement Multi-factor Authentication: Strengthen access controls by mandating multi-factor authentication for any external network access to your hospital's internal networks.

Funding Opportunities

To support these critical upgrades, Governor Hochul's FY24 budget includes a proposed $500 million fund for healthcare facilities. This is an opportunity to modernize your technology systems in alignment with the new regulations.

Let's Discuss Your Next Steps

The implications of these regulations are significant, and the urgency to adopt advanced cybersecurity measures has never been greater. Contact us today to discuss how we can support your hospital's journey to cybersecurity excellence.