The impact of the COVID-19 outbreak continues to expand, as the New York Department of Financial Services (“NYDFS”) has extended the deadlines for Certification of Compliance for the Cybersecurity Regulation (23 NYCRR Part 500).  A statement on NYDFS’ website explicitly notes that this change is solely a result of “the outbreak of COVID-19.”  Accordingly, all Covered Entities and licensed persons who are not fully exempt from the Cybersecurity Regulation are required to submit a Certification of Compliance no later than June 1, 2020, attesting to their compliance for the 2019 calendar year.  More information about this development is contained in NYDFS’ website.

Additional details about the Regulation may be found in our prior post, Enforcement of the NYDFS Cybersecurity Regulation Coming in the Near Future.