The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements). We thank the Department of Health for the opportunity to provide input towards this important proposal. The HPC is a group of industry experts dedicated to creating a more favorable legal, policy, and business environment for security vulnerability disclosure and management, good faith security research, penetration testing, bug bounty programs, and independent repair for security. From this perspective, we recognize the importance of cybersecurity for healthcare and are broadly supportive of the Department of Health’s efforts to update sector security practices

Download the Full Comments Here

Read Next

Blog Post
Government

Japanese Regulator Balances Cybersecurity, Competition Concerns In MSCA Implementation Guidelines

Promoting robust competition in the digital space while ensuring cybersecurity protections is challenging. The Japan Fair Trade Commission strikes a crucial balance between these priorities in its May 2025 guidelines.

Blog Post
Security

Protecting Mobile Security in a Competitive Ecosystem

In an amicus brief filed in Epic Games v. Apple Inc., the Center for Cybersecurity Policy and Law urges the 9th Circuit to ensure that competition remedies do not undermine security.

Blog Post
Government

The Clock’s Ticking: Why CISA 2015 Must Be Renewed Now

As the September 2025 expiration of CISA 2015 looms, Congress faces a critical decision that will shape the future of national cyber defense. At a time when the U.S. is under near constant cyber attacks, government and industry need to share intel.