DOH Issues Final Reminder of Network Requirements for Accessing HCS
On Oct. 12, 2023, the Department of Health (DOH) issued a reminder notice to network administrators in organizations that need to access the Health Commerce System (HCS) with information to help them configure their network to support a secure connection to the HCS via HTTPS. Connectivity must be ensured on or before Oct. 18, 2023.
According to DOH, most organizations deploy an internet firewall, or internet proxy and firewall, to restrict and control the HTTP-based traffic that leaves and enters their network. The notice directs organizations to follow the firewall and proxy guidance below to enable access to the HCS from their network by Oct. 18th:
- DOH advises organizations to first try testing using the User Acceptance Testing (UAT) HCS website. There is no need to login/authenticate, and no further action is needed if you can reach the UAT HCS login page. If you are not able to reach the UAT HCS login page, follow the guidance below to ensure network access for your users.
- If your organization is using a firewall only, note that filtering HCS traffic using IP addresses is NOT recommended, as the IP addresses used by the HCS are dynamic and may change at any time. The IP addresses are also not used exclusively by the HCS.
- If your firewall supports URL filtering, configure the firewall to allow the HCS destination URLs listed below. An asterisk (*) shown at the beginning of a URL (e.g., *.health.ny.gov) indicates that services in the top-level domain and all subdomains must be accessible, which will also help ensure that users in your organization can access other DOH systems in addition to the HCS.
- If your firewall does not support URL filtering and must use IP filtering, configure the firewall to allow the HCS destination IPs listed here, but note that the IP addresses used by the HCS are dynamic and may change at any time. Thus, your organization should continuously review and update your firewall accordingly.
Any questions or concerns may be sent to email@example.com.