TLDR: Compliance documentation is due for covered entities in New York by April 15, while cybersecurity policy and risk assessment review are due by April 29. Collection agencies may qualify as “third-party service providers” and be subject to cybersecurity oversight requirements. The regulations aim to integrate cybersecurity risk into business planning and decision-making. Key compliance dates are outlined for small businesses, Class A businesses, and covered entities. Deadlines for risk assessment reviews, cybersecurity policies, and cybersecurity awareness training are outlined. Members can access webinars and resources related to the regulations. Cyber liability insurance is recommended for members.
Key deadlines for compliance with New York’s cybersecurity regulations are approaching. Covered entities must submit documentation of compliance by April 15 and conduct risk assessments and policy reviews by April 29. The regulations aim to integrate cybersecurity risk into business planning and decision-making. It’s important for collection agencies, which may qualify as “third-party service providers,” to be aware of the cybersecurity oversight requirements. The regulations provide timelines for compliance based on the type of business affected. By May 1, 2025, entities must conduct automated scans of information systems and manual reviews of systems not covered by the scans. Members can access webinars and resources related to the regulations. It’s also recommended for members to ensure their cyber liability insurance is current and sufficient to meet future challenges.
It’s important for covered entities to comply with the upcoming deadlines for New York’s cybersecurity regulations. The regulations aim to ensure cybersecurity risk is integrated into business planning and decision-making. Collection agencies, which may qualify as “third-party service providers,” are also subject to cybersecurity oversight requirements. Members can access resources and webinars related to the regulations. Additionally, it’s recommended for members to maintain current and adequate cyber liability insurance to meet future challenges.