News & Analysis as of

Covered Entities Cybersecurity Regulatory Requirements

Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Are Your Cybersecurity Controls Ready for the New York State Department of Financial Services' Deadlines?

In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

Epstein Becker & Green

Recent Developments in Health Care Cybersecurity and Oversight: 2024 Wrap Up and 2025 Outlook

Epstein Becker & Green on

As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more

Sheppard Mullin Richter & Hampton LLP

HHS’ Last-Minute Holiday Gift: Proposed Changes to the HIPAA Security Rule

The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

White & Case LLP

NYDFS Releases Artificial Intelligence Cybersecurity Guidance For Covered Entities

White & Case LLP on

On October 16, 2024, the New York State Department of Financial Services (the "DFS"), under its Cybersecurity Regulation—23 NYCRR Part 500—issued a memorandum providing guidance on the risks posed by artificial intelligence...more

Eversheds Sutherland (US) LLP

AI at the gate: NYDFS issues guidance on addressing new AI-driven cybersecurity risks under existing cybersecurity requirements

On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter providing guidance on how DFS-regulated entities (covered entities) should be evaluating and responding to artificial...more

A&O Shearman

Cyber and AI: NYDFS has entered the chat

A&O Shearman on

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) released an Industry Letter—entitled Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Letter”)....more

McDermott Will & Emery

NYDFS Issues Letter Highlighting Cybersecurity Risks of AI

McDermott Will & Emery on

On October 16, 2024, the New York State Department of Financial Services (NYDFS) published a letter to covered entities that calls attention to the risks posed by artificial intelligence (AI). This non-binding guidance letter...more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

McDermott Will & Emery

NYDFS Finalizes Amendments to Cybersecurity Regulation Impacting Financial Services Companies

McDermott Will & Emery on

On November 1, 2023, the New York Department of Financial Services (NYDFS) amended Part 500, the cybersecurity regulation. These updates follow numerous NYDFS enforcement actions and other new cybersecurity rules, such as the...more

Jenner & Block

Client Alert: New York Issues Significant Amendments to its Forward-Leaning Cyber Regulations

Jenner & Block on

In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more

Health Care Compliance Association (HCCA)

[Event] 2023 Healthcare Enforcement Compliance Conference - November 5th - 7th, Washington, DC

Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us at HCCA’s Annual Healthcare Enforcement Compliance Conference to...more

Hogan Lovells

New York State Expected to Increase Enforcement of Cybersecurity Practices

Hogan Lovells on

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more

Robinson+Cole Data Privacy + Security Insider

Yearly Data Breach Reporting Due to OCR by February 29

Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide