New York hospitals must update their HIPAA compliance programs to comply with stricter state regulations set by the New York State Department of Health, aimed at strengthening the protection of patient data, by October 2025. The regulations require hospitals to conduct risk assessments, establish cybersecurity programs, conduct vulnerability assessments, implement a cybersecurity policy, maintain systems and records, designate a CISO, establish an incident response plan, and report any cybersecurity incidents within 72 hours.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing