The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements). We thank the Department of Health for the opportunity to provide input towards this important proposal. The HPC is a group of industry experts dedicated to creating a more favorable legal, policy, and business environment for security vulnerability disclosure and management, good faith security research, penetration testing, bug bounty programs, and independent repair for security. From this perspective, we recognize the importance of cybersecurity for healthcare and are broadly supportive of the Department of Health’s efforts to update sector security practices
Read Next
New Report Highlights Need for Investment to Reduce Systemic Risks of Ransomware in Latin America
A new report from the Digi Americas Alliance, written in collaboration with Duke University, looks at cyber readiness in Latin America and some of the pressing challenges these nations are facing.
CISA Proposes Sweeping Cyber Incident Reporting for U.S. Companies
The federal government is one step closer to requiring approximately 315,000 businesses to report cyber incidents and ransomware payments.
Event Recap: Spring Into Privacy with the NIST Privacy Engineering Program
The NIST Privacy Framework is getting a little "Spring Cleaning." Officials from NIST's Privacy Engineering Program updated participants on updated to the Privacy Framework and other projects at an event last week.
