Hospitals, health systems and providers are targets of cyberattacks at an alarming rate, putting patient data, electronic infrastructure and, most importantly, patient lives at risk. The Department of Health and Human Services’ Office of Civil Rights reported an average of 60 data breaches a month in the health care sector between January 1 and October 31, 2022. According to FBI data, 25% of ransomware attacks in 2022 targeted health care—more than any of the other 14 critical infrastructure industries. New York has been hit hard, with recent cyberattacks requiring hospitals to divert patients to other hospitals, cancel surgeries and temporarily shut down services.

In response to the growing cyber threat, New York—a national leader in driving cybersecurity advances—has proposed to become the first state requiring hospitals to implement cybersecurity controls that would safeguard protected health information and its electronic infrastructure and prevent delays in care from cybersecurity events. The new requirements build on New York’s proven track record in other industries, including establishing cybersecurity requirements for financial services companies and their vendors in 2017 and, more recently, developing the first statewide cybersecurity strategy for the state’s digital infrastructure. In a new webinar, Manatt will explain the proposed regulations and what they mean for providers, share insights to help hospitals guard against attacks, and present lessons for other states seeking to put protections in place. Key topics include:

• A guide to New York’s proposed hospital cybersecurity regulation and key compliance dates
• A look at the funding the state will use to assist hospitals in meeting the new requirements 
• Strategies for submitting applications for obtaining funding to support cybersecurity compliance under the Statewide Health Care Transformation Program
• Key considerations for ongoing compliance with cybersecurity requirements and enforcement
• Actions providers can take to protect their organizations and mitigate risk
• Lessons for other states seeking to enhance cybersecurity protections for providers

Speakers

• Meghan McNamara, Partner, Manatt Health
• Scott Lashway, Partner, Privacy and Data Security
• Tracy Raleigh, Senior Advisor, Manatt Health
• Michael Paulsen, Counsel, Manatt Health

Date and Time 

Tuesday, January 30
1:00 – 2:00 p.m. ET

CLE

CLE is pending in NY and California.

If you would like to receive an audio transcript of this webinar due to accessibility issues, please email us at webinars@manatt.com.

This program does not constitute legal advice, nor does it establish an attorney-client relationship. Views expressed by presenters are strictly their own and should not be construed to be the views of Manatt or attributed to Manatt.