Dec 6, 2016

No mention of cybersecurity regulation in Dec. 7 State Register

There was no mention of the New York State Department of Financial Services cybersecurity regulation in this week’s State Register. The proposed regulation was published Sept. 28, and the final comment period ended in November.

The comments received will need to be addressed in the final adoption notice which will also be printed in the State Register. That leaves three more weeks in December for publishing the final regulation prior to the Jan. 1 effective date.

PIANY believes too many individuals and entities would be subject to this regulation and strongly urged the NYDFS to modify the exemption threshold to exclude, or greatly reduce, the impact on small- and medium-sized agencies. All licensed individuals and entities already are subject to the cybersecurity provisions of Regulation 173 in New York state.

PIANY also urged for a phase-in of the provisions of the regulation, citing recent member-survey results that indicate agents and brokers will require significant time to identify and adopt policies and procedures to comply with the regulation. For more information on the proposed regulation, click here. And sign up for the PIA Webinar on Tuesday, Dec. 13: N.Y.’s Cybersecurity Regulation: What Agents Need to Know.