Understanding New York’s New Cybersecurity Regulations for Hospitals

New York State has introduced comprehensive cybersecurity requirements for general hospitals, mandating stronger protections and quick incident reporting. The new regulations require hospitals across the state to report any cybersecurity incidents to the New York State Department of Health within 72 hours of discovery, a shift that may signal more prescriptive cybersecurity standards for healthcare nationwide.

Thank you for reading this post, don't forget to subscribe!

Beyond the 72-hour reporting requirement, which took effect on October 2, 2024, hospitals must implement key cybersecurity measures, such as multifactor authentication and a robust incident response plan, by October 2025. These regulations currently apply only to general hospitals, excluding other healthcare facilities like nursing homes and diagnostic centers.

Cyberattacks, especially ransomware, have posed increasing threats to healthcare organizations of all sizes. An October 2024 report from Microsoft revealed a 300% rise in ransomware attacks in the sector since 2015, highlighting the healthcare industry’s vulnerability despite available guidance and emerging regulations.

What sets the New York regulations apart is their emphasis on specific security measures to address cyber threats, complementing existing HIPAA requirements. Governor Kathy Hochul emphasized the need for a unified cybersecurity approach, especially for hospitals, stating in a press release that these regulations “set forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats.”

As your facility deals with new health regulations, Tectonic is here to help. Contact us today.

Related Posts
Salesforce OEM AppExchange
Salesforce OEM AppExchange

Expanding its reach beyond CRM, Salesforce.com has launched a new service called AppExchange OEM Edition, aimed at non-CRM service providers. Read more

Health Cloud Brings Healthcare Transformation
Health Cloud Brings Healthcare Transformation

Following swiftly after last week's successful launch of Financial Services Cloud, Salesforce has announced the second installment in its series Read more

Alphabet Soup of Cloud Terminology
abc

As with any technology, the cloud brings its own alphabet soup of terms.  This insight will hopefully help you navigate Read more

We Are All Cloud Users
How Good is Our Data

My old company and several others are concerned about security, and feel more secure with being able to walk down Read more