New York State Department of Financial Services recently updated its web page to indicate that any covered entities (i.e., agencies, insurance agents or insurance brokers) that already submitted their Certification of Compliance, needs to do so again after Monday, Jan. 1, 2018.
According to the department, "The Certification of Compliance certifies that a Covered Entity complied with 23 NYCRR 500 for the entire calendar year. As such, the department only expects to receive a Certification of Compliance between January 1 and the February 15 deadline for the previous calendar year. Unless a Covered Entity is ceasing department-authorized operations before that year end, a Certification of Compliance before year end will not satisfy the requirement that a Covered Entity certify its compliance as of year-end."
The NYDFS Cyber Security Regulation (23NYCRR500) requires all New York-licensed insurance agencies, agents and brokers to file a certification of compliance, prior to Thursday, Feb. 15, 2018, and annually thereafter. The certification confirms that the licensed entity has complied with the regulation to the extent required, which includes conducting a risk assessment and developing cybersecurity programs and policies based upon that risk assessment.
Digital Edge is an expert in ISO standards, is certified by International Standard Organization on Information Security and Quality (ISO 27001). There is a clear crosswalk between DFS law and ISO standards. Digital Edge will help to implement policies, standards and practices to cover all DFS requirements based on International Standards Organization framework.
Contact us today to further explore how our team can provide your business with an unparalleled cybersecurity solution, with our continued focus on Stability, Security, Efficiency and Compliance.
For more information on this regulation and to ensure that your organization is following the critical compliance requirements, please read our most recent articles:
- DFS Compliance – Mandatory Cybersecurity Requirements
- To Do: Check List to Comply with DFS Cybersecurity Law
- Discover the NEW online DFS Cybersecurity Reporting Portal
- Exempt from DFS Cybersecurity Regulations – Now What?