The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements). We thank the Department of Health for the opportunity to provide input towards this important proposal. The HPC is a group of industry experts dedicated to creating a more favorable legal, policy, and business environment for security vulnerability disclosure and management, good faith security research, penetration testing, bug bounty programs, and independent repair for security. From this perspective, we recognize the importance of cybersecurity for healthcare and are broadly supportive of the Department of Health’s efforts to update sector security practices
Read Next
Yet Another Blog About “Cyber Operations:” The Trump II Administration’s National Cyber Strategy and Private Sector Collaboration
The recently released National Cyber Strategy provides some insight into questions about the Administration’s approach to offensive cyber policy, and particularly the private sector’s role.
Beyond Buzzwords: What Public Views on Scanning and Encryption Mean for Policymakers
Public support for content scanning and encryption backdoors drops when tradeoffs are made clear. This survey of Nordic countries shows people prioritize privacy and security over harm detection, and lack trust in institutions to govern access.
Center for Cybersecurity Policy and Law to the European Commission: Proposed Measures on Search Data Sharing Raise Security Concerns
The Center for Cybersecurity Policy & Law issued comments in response to DMA.100209 – Alphabet – Article 6(11) -- warning of the security and privacy risks of proposed data sharing requirements.
