Minnesota Supreme Court Sets the Record Straight on Municipal Employer Liability
A recent court decision has changed how Minnesota courts analyze whether municipalities may be liable for their hiring decisions—emphasizing that...
With Verified Credentials' mobile-first candidate experience, you meet candidates where it's most convenient. Learn how easy we make it.
Ongoing monitoring of driving records can help employers avoid risk and improve driver safety. Learn about the benefits of adding Verified Credentials' newest solution to your screening strategy.
Learn the latest trends in employment background checks. This report uses real-life usage data to uncover how employers are screening across industries.
Verified Credentials is a leading background screening company. Since 1984, we’ve helped validate and secure relationships through the use of our comprehensive screening solutions. We offer a wide variety of background checks, verifications, and innovative screening tools.
Our accreditation confirms that our policies, processes, and employee training meet rigorous industry compliance standards.
3 min read
Verified Credentials Dec 26, 2024 11:05:48 AM
In 2017, the New York State Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Service Companies (23 NYCRR 500) was enacted to better regulate and protect customer data. The requirements were revised again on November 1, 2023.
On October 16, 2024, the NYDFS issued new guidance focused on cybersecurity risks, specifically related to the uptick in cybercriminals using artificial intelligence (AI) to commit crimes at greater scale and speed. The guidance addresses businesses regulated by the NYDFS that use AI or outsource business to entities that use AI. However, the insights provided may offer an instructive framework effective for all organizations to consider.
The primary goal of the guidance is to help assist “Covered Entities”—that is, those entities regulated by NYDFS—in understanding and assessing their cybersecurity risks associated with the use of AI, as well as the controls organizations can implement to mitigate these risks.
The guidance identifies four primary threats associated with AI:
The NYDFS guidance offers some more detailed examples of controls and measures Covered Entities may take to mitigate AI-related cyber threats.
Verified Credentials is committed to using AI responsibly and safely to protect our systems and client information. The company is audited annually by TrusteArc (TRUSTe) for privacy standards and by independent auditors for compliance with SOC 2, Type 2. Verified Credentials is also a founding member of the Professional Background Screening Association (PBSA) and is compliant with its rigorous standards.
Our internal AI use policies were adopted from the policy principles established in the National Institute of Standards (NIST) 800-53(r5) Planning (PL) control family and the NIST AI Risk Management Framework publications.
Verified Credentials’ Artificial Intelligence Governance and Use policy aims to ensure that AI technology is ethically used to enhance productivity, efficiency, and decision-making while complying with applicable law; and respecting privacy, confidentiality, and data security. Notably, our policy aligns with the guidance established by NYDFS.
Although the guidance only addresses organizations regulated by the NYDFS, with the uptick in the use of AI among organizations and cybercriminals alike, the guidance may provide useful information for all organizations to consider. The guidance calls for employers to train employees on the proper use of AI, stating that many AI-driven attacks are aimed at employees in hopes of obtaining proprietary company information. Employers regulated by the NYDFS should remain aware of AI-related cybersecurity risks mentioned, especially as they pertain to employee AI use and training, as well as third-party vendor management.
To learn more about the guidance from NYDFS, take a look at the official newsletter here.
This article is for informational purposes only and does not constitute legal advice. Employers should consult their legal counsel before taking any action.
A recent court decision has changed how Minnesota courts analyze whether municipalities may be liable for their hiring decisions—emphasizing that...
In December 2024, New York Governor Kathy Hochul signed two bills amending the state’s current data breach notification law. Senate Bill S2659B and...
In 2018, Kansas City, Missouri, amended Chapter 38of the city code ordinance to expand “ban the box” initiatives, prohibiting private employers and...
As AI systems and technology use continue to soar, more regulations and guidelines follow. Utah’s SB 149, also known as the AI Policy Act, mandates...
In January, Fulton County - Georgia’s most populous county that includes the city of Atlanta - experienced a cyber incident that significantly...
Do your background reports contain credit information about your candidates? Some states, and cities, restrict the use of certain credit information...