The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements). We thank the Department of Health for the opportunity to provide input towards this important proposal. The HPC is a group of industry experts dedicated to creating a more favorable legal, policy, and business environment for security vulnerability disclosure and management, good faith security research, penetration testing, bug bounty programs, and independent repair for security. From this perspective, we recognize the importance of cybersecurity for healthcare and are broadly supportive of the Department of Health’s efforts to update sector security practices

Read Next

Progress Report: National Cyber Workforce and Education Strategy

The Office of the National Cyber Director released an Initial Stages of Implementation report on the National Cyber Workforce and Education Strategy showing progress made thus far.

Chevron Pattern Disrupted: The Impact on Cybersecurity Regulations

The Supreme Court struck down a long-standing precedent on the power of federal agencies to interpret and clarify the laws they enforce. The ruling will likely have a sweeping effect on regulations, including cybersecurity rules, in every sector.

Research Needed for the Good and Bad AI Cybersecurity Use Cases

When implemented properly, artificial intelligence is a vital tool for cybersecurity but more public research is essential to understand and monitor a diverse array of AI systems and their potential – for good and bad.