Search Results for: NYDFS

In Response to Covid-19, NYDFS Delays while CA AG Declines to Change CCPA Timing

April 7, 2020 By Privacy, Cyber & Data Strategy Team

According to a report from the International Association of Privacy Professionals, the California Attorney General has confirmed that enforcement of the California Consumer Privacy Act (CCPA) will not be delayed due to the Covid-19 pandemic. “We’re committed to enforcing the law as early as July 1,” said a representative of the Attorney General’s office according […]

NYDFS Cybersecurity Regulations Nearly Fully Effective

February 15, 2019 By Kate Hanniford

The February 15, 2019 NYDFS compliance certification deadline represents the last annual compliance certification subject to the transition period for covered entities to come into compliance with the cybersecurity regulations. NYDFS now expects covered entities to certify as to their compliance with all but one provision of the cybersecurity regulations which relates to the implementation […]

NYDFS Cybersecurity Requirements Compliance Deadline Nears for Key Provisions

August 16, 2018 By Kate Hanniford

September 4, 2018 marks the end of the transitional period for covered entities to comply with several key provisions of the NYDFS Cybersecurity Requirements that require certain systemic and sustained measures. These provisions include the encryption and audit trail requirements as well as ones relating to the implementation of monitoring policies, procedures, and controls, application […]

NY DFS Releases Revised Proposed Second Amendment of its Cybersecurity Regulation

July 11, 2023 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“NY DFS”) published an updated proposed Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500) in the New York State Register on June 28, 2023, updating its previous proposed Second Amendment, which was published November 9, 2022. While the language proposed is largely similar to the previous […]

FTC Revises the Safeguards Rule and Proposes Mandatory Reporting of Cybersecurity Events

November 1, 2021 By Kathleen Benway, Kim Peretti and Kate Hanniford

On October 27, 2021, the FTC released its much-anticipated final revisions to the Gramm-Leach-Bliley Safeguards Rule (Safeguards Rule or Final Rule), following a 3-2 vote along party lines and also released a notice of proposed rulemaking that would require reporting to the FTC of certain cybersecurity events. Revisions to the Safeguards Rule Effective since 2003, […]