Careers Contact Us Portal
Careers Contact Us Portal
Careers Contact Us Portal

CloudWave’s 2024 Predictions Part 3: Increased Cybersecurity Regulations and Funding Will Impact Healthcare at the State Level

CloudWave’s 2024 Predictions Part 3: Increased Cybersecurity Regulations and Funding Will Impact Healthcare at the State Level

The number of individuals impacted by healthcare cyberattacks in 2023 more than doubled compared to the previous year, with an excess of 100 million people affected by healthcare cyberattacks—or nearly 1 in 3 Americans.1  As increasing cyberattacks continue to plague the healthcare industry, hospitals and health systems must take the measures necessary to prevent unauthorized access to their critical systems and patients.

New York has recently taken a bold step forward in this fight by approving comprehensive cybersecurity regulations that apply to hospitals statewide. Additionally, its governor approved $500 million in funding, of which a portion will go toward helping some hospitals upgrade technology systems to meet the requirements. The regulations require hospitals to implement robust infrastructure to prevent cyberattacks, establish policies for evaluating and testing the security of third-party applications, develop incident response plans, and perform testing of those plans to ensure that patient care continues in the event of a disruption, among other requirements. Hospitals have one year to comply with the requirements, with the obligation to report cybersecurity incidents to the New York State Department of Health becoming effective immediately.

Moving forward, the proactive approach New York is taking should serve as a model for other states looking to improve healthcare cybersecurity. Collaboration between stakeholders and industry players will be essential as regulations rise to ensure that all healthcare facilities, regardless of size, can meet and exceed the cybersecurity standards necessary in today’s threat landscape. Companies offering cybersecurity solutions and services will step up to help healthcare organizations meet regulatory requirements and identify the most effective strategies to maximize state funding. States following New York’s lead may see hospitals strengthen defenses, but only with cooperation.

Even if other states haven’t enacted regulations, hospitals should not wait to implement improved processes and strategies. Those who act now will be in a better position should their state pass legislation (and be better protected from cyber attackers).

Patient care depends on a functioning digital infrastructure, and new rules will recognize this dependence while supporting hospitals in building robust systems. Overall, New York’s proactive stance on healthcare cybersecurity regulations and funding provides a model for how collaboration and support at the state level may transform cyber defenses across the US healthcare system in 2024 and beyond.

Interested in learning more? Watch CloudWave’s on-demand webinar, A Review of New York State Cybersecurity Regulations and What it Means for NY Hospitals.

Tim Quigley, Chief Client Officer, CloudWave

 

1. Chief Healthcare Executive, Healthcare cyberattacks have affected more than 100 million people in 2023, December 18, 2023