powered by LeadingAge New York

DOH Issues New Clarifications Regarding Cybersecurity Event Reporting Requirements

The Department of Health (DOH) Office of Health Information Management (OHIM) has issued a Dear Administrator/Technology Officer Letter (DAL). The letter is an updated version of OHIM DAL 19-01, dated Aug. 12, 2019, which described the process that DOH is asking providers to follow to report a cybersecurity event they are experiencing. The updated letter can be accessed here and is revised to include a Frequently Asked Questions document to address questions that arose.

The DAL states that the outlined protocol should be immediately implemented by the following provider types:

  • Hospitals, nursing homes, and Diagnostic and Treatment Centers
  • Adult Care Facilities
  • Home Health Agencies, Hospices, Licensed Home Care Services Agencies (LHCSAs)

Any questions regarding this DAL should be directed to DOH at ohim@health.ny.gov.

Contact: Diane Darbyshire, ddarbyshire@leadingageny.org, 518-867-8828