New York is planning to tighten regulation of hospital cybersecurity practices, according to draft rules reviewed by The Wall Street Journal.
The regulations will require hospitals to develop incident response plans, adopt secure software design practices for in-house applications and install security technologies such as multifactor identification, among other preventive measures.
The rules are aligned with federal regulations and come after a string of New York hospitals have been hit with cyberattacks over the past year.
The draft guidance is slated to be released Nov. 13 and will be open for a 60-day public comment period.