New York Hospitals Face Stricter Cybersecurity Rules Beyond HIPAA Compliance

October 16, 2025Source: BankInfoSecurity

Found this useful? Share it with your network

New York hospitals must now adhere to stricter cybersecurity regulations than the federal HIPAA security rule, introducing significant compliance challenges for healthcare providers. Effective from October 2024, hospitals are required to report cyber incidents within 72 hours and must comply with additional mandates by October 2025, including multifactor authentication and appointing a Chief Information Security Officer. These regulations extend beyond HIPAA-protected data to include personally identifiable and business information, complicating data governance efforts. Healthcare professionals need to proactively demonstrate compliance plans to regulators, addressing the challenges posed by this expanded data landscape.

Read Full Article

Opens on BankInfoSecurity

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News