NYSDFS Expands Requirements For Cybersecurity Governance, Safeguards And Incident Reporting For New York State Health Insurance Companies – Security

By
riskacademy
-
0
238

On November 1, 2023, Governor Kathy Hochul announced that the
New York State Department of Financial Services
(“NYSDFS”) amended its Part 500 Cybersecurity Regulations for
state-licensed financial institutions.1 The amendments
reflect the first significant change to the Cybersecurity
Regulations since their inception in 2017 and incorporate new
information security compliance obligations for regulated
entities—institutions operating under or required to obtain a
license or similar authorization under New York’s insurance
law, banking law, or financial services law.2 The
Cybersecurity Regulations accordingly apply to health insurance
companies operating in New York, as well as entities that sell
annuities or other insurance products if such institutions receive
a license from NYSDFS.

Perhaps most notably, the amendments expand on NYSDFS’s
72-hour cybersecurity event reporting obligation and incorporate
new 24-hour reporting requirements for regulated entities that make
extortion payments. In addition, all regulated entities will need
to comply with new cybersecurity governance obligations and
additional cybersecurity measures and controls. Further,…

Read More…

Актуальные книги на английском

An Introduction to Decision Theory (Cambridge Introductions to Philosophy)
Читать на английском
The Decision Intelligence Handbook: Practical Steps for Evidence-Based Decisions in a Complex World
Читать на английском
Algorithms for Decision Making
Читать на английском
An Introduction to Management Science: Quantitative Approaches to Decision Making
Читать на английском
Wise Decisions: A Science-Based Approach to Making Better Choices
Читать на английском
Algorithms to Live By: The Computer Science of Human Decisions
Читать на английском

RELATED ARTICLESMORE FROM AUTHOR