N.Y. hospitals face stiff cybersecurity requirements under proposed rules
By 
Adrianne Appel2023-11-15T21:09:00
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
The proposed rules, which would require the reporting of material cyber incidents within two hours, are designed to strengthen the cybersecurity of hospitals and their networks, said New York Gov. Kathy Hochul in a press release Monday.
Complying with the proposed rules would initially cost hospitals tens of thousands or tens of millions of dollars, according to the draft rules, which noted program maturity as a dictating factor. Hospitals would be allowed to subcontract for cybersecurity services.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefHHS: New cybersecurity regs on the way for hospitals
Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.
-
PremiumN.Y. law to pose hurdle for RIA’s off-channel comms supervision efforts
A New York state law that takes effect next year will make it more difficult for registered investment advisers in the state to conduct proactive testing for violations of their firms’ off-channel communication policies.
-
News BriefAmended N.Y. cyber regs up pressure on financial firms to combat risks
New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
More from Regulatory Policy
-
ArticleEU loosens AI and data rules
Europe has been at the forefront of designing strong—but flexible—rules around data use and the safe development of AI, but the EU recently announced plans to simplify some key measures around data privacy and AI governance, which have met with mixed responses.
-
PremiumQ&A with FINRA’s Greg Ruppert on the organization’s use of Artificial Intelligence
Greg Ruppert, Chief Regulatory Operations Officer at the Financial Industry Regulatory Authority (FINRA), recently shared insights with Compliance Week regarding the self-regulatory organization’s use of Artificial Intelligence in monitoring trends in the market, spotting threats, and keeping its members informed.
-
PremiumEU financial firms must prepare now for new rules on critical third-party arrangements
European banks and financial institutions must prepare now for stringent new rules on third-party suppliers.