The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements). We thank the Department of Health for the opportunity to provide input towards this important proposal. The HPC is a group of industry experts dedicated to creating a more favorable legal, policy, and business environment for security vulnerability disclosure and management, good faith security research, penetration testing, bug bounty programs, and independent repair for security. From this perspective, we recognize the importance of cybersecurity for healthcare and are broadly supportive of the Department of Health’s efforts to update sector security practices

Download the Full Comments Here

Read Next

Blog Post
Government

FedRAMP Signals Acceleration of Requirements for Machine-Readable Packages in the Rev5 Process

FedRAMP has proposed modifications to the Rev5 process in the newly published RFCs that could enact major changes and require Cloud Service Offerings to provide authorization packages in a “machine-readable format.”

Papers & Reports
Security

Meeting the Homeland C-UAS Threat

A recent tabletop exercise examined the impact of drone attacks on a university hockey game, electric grid, and nearby air base and recommended key findings to deter and prevent these types of attacks.

Comments
Government

Cybersecurity Coalition, HPC Comment on EU CRA Delegated Act on Delaying Dissemination of Notifications About Vulnerabilities and Incidents

The Cybersecurity Coalition and the Hacking Policy Council submitted comments to the European Commission on its consultation related to the Delegated Act.