New York’s cybersecurity regulations for hospitals, finalized by the New York State Department of Health in October 2024, address data privacy and cyberattacks. The regulations, effective from October 2025, require hospitals to adopt cybersecurity programs, designate a Chief Information Security Officer, conduct penetration testing, and report breaches within 72 hours. The rules could impact cyber insurance policies; non-compliance may affect coverage. While federal frameworks like HIPAA and HITECH set data privacy standards, New York’s regulations go further with its prescriptive approach.
This Deceptively Simple Android App Proves That Anything Can Harbor Malware
A malicious BMI calculator app on Amazon’s Appstore, revealed by McAfee, could have recorded users’ screens and SMS messages to steal private data and apps
