The New York Governor’s Office announced the Department of Financial Services (DFS) issued a final regulation to protect New Yorkers from the threat of data breaches at credit reporting agencies.
The governor’s office says under the new regulation, all, consumer and credit reporting agencies that reported on 1,000 or more New York consumers must register annually with DFS beginning on or before September 1, 2018 and by February 1 each year thereafter.
“The data breach at Equifax demonstrated the absolute necessity of strong state regulation, such as New York’s first-in-the-nation cybersecurity regulation, to safeguard New York’s markets, consumers and sensitive information from cyberattacks,” Financial Services Superintendent Maria Vullo said. “DFS’s oversight of credit reporting agencies will help to ensure that the personal data of New York consumers is less vulnerable to cyberattacks in this digital world, in order to prevent further breaches of consumer financial information.”
The regulation will also allow the DFS Superintendent to deny, suspend, and potentially revoke a consumer credit reporting agency’s ability to do business in the state if it’s found to be out of compliance by engaging in unfair, deceptive or predatory practices.