New York Governor Kathy Hochul has proposed cybersecurity regulations for hospitals in the state as part of a comprehensive strategy to address the increasing cyber threats facing the healthcare sector.

An amount of $500m has been allotted in the FY24 budget, to enable healthcare centres to modernise their technology systems to comply with the proposed rules.

These regulations aim to enhance the protection of hospital networks and systems critical for patient care.

The proposed measures include the establishment of cybersecurity programmes, assessments of internal and external risks, implementation of defensive techniques, and infrastructure to prevent unauthorised access.

Hospitals are also required to develop response plans for potential cybersecurity incidents, conduct tests, and appoint a chief information security officer.

In addition, the regulations mandate the use of multi-factor authentication for network access.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The funding will support healthcare facilities in upgrading technology systems to comply with these regulations, fostering investment in modernisation and advanced clinical technologies.

If adopted, the regulations will be published on 6 December 2023, with a 60-day public comment period. Hospitals will have a year to comply once finalised.

Governor Hochul’s initiative is said to align with New York’s broader cybersecurity strategy to protect digital infrastructure and critical systems.

The move follows warnings from federal agencies about cyberattacks on hospitals, focusing on the immediate impact on patient care and services.

In addition, Governor Hochul designated October as a cybersecurity awareness month to educate the public about online safety.

New York State Chief Information Officer Dru Rai said: “When it comes to protecting New Yorkers from cyberattacks that have become more numerous and more sophisticated, safeguarding our hospitals is an essential part of New York’s aggressive and comprehensive whole-of-state approach.

“We thank the Governor and our agency partners for their ongoing commitment and are pleased that the state’s hospitals will be getting the uniform guidance and resources necessary to further enhance their own cybersecurity, thereby protecting patients and the critical systems that provide quality care all across New York.”