X
    X
    X
    X

    Document Retention Aspects of New York Cybersecurity Regulations

    Publications

    The New York Department of Financial Services Cybersecurity Regulations, 23 NYCRR part 500 (the “Cybersecurity Regulations”), require companies subject to the regulations to update their record retention schedule for particular documents mandated by the Cybersecurity Regulations.  In particular, covered entities must have policies and procedures in place for the secure disposal of nonpublic information that comports with other applicable laws and regulations.  Further, they must certify each year that they are in compliance with the Cybersecurity Regulations, and they must retain a copy of the certification, along with “all records, schedules, and data supporting this certificate for a period of five years.”

    Implementing this requirement requires understanding the scope of records covered by the Cybersecurity Regulations and understanding the need to retain related records that could have a different retention period.   We have examined this issue already – it may not be as simple as adding a new row to a company’s existing record retention schedule.  We would be happy to help your Company confirm this aspect of complying with the Cybersecurity Regulations. This should be no more than a 2 hour effort, depending on how complex the existing record retention schedule is.  The deadline to complete this was September 4, 2018, so if your Company still needs assistance, there is some urgency.

    The post Document Retention Aspects of New York Cybersecurity Regulations appeared first on Insurance & Reinsurance.

    Explore Additional Topics

    Disclaimer

    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.