Annual Filings:  Certifications and Exemptions

The new data security provisions require all licensees, as defined by KRS 304.3-750(6) including all persons licensed or authorized to conduct insurance business in the Commonwealth of Kentucky who are not exempt under KRS 304.3-752 (A licensee with fewer than 50 employees, including independent contractors, shall be exempt from the requirements of KRS 304.3-750 to KRS 304.3-768) to Notify the Commissioner of the Department (“Commissioner”) of cybersecurity events in accordance with KRS 304.3-760 and Title 806 Chapter 3 • Kentucky Administrative Regulations • Legislative Research Commission. 

Report a Cybersecurity Event

To file a cybersecurity event, please log into the licensee's eServices account here:   https://insurance.ky.gov/doieservices/UserRole.aspx

To update an existing cybersecurity event, please log into the licensee's eServices account here:   https://insurance.ky.gov/doieservices/UserRole.aspx

All Domestic Licensee’s certification or exemption notices shall be filed by Feb. 15 each year. Filings can be submitted electronically by signing into https://insurance.ky.gov/doieservices/UserRole.aspx and clicking the information security compliance link.

If a licensee is having an issue with their eServices account, please contact Kentucky Online Gateway here: Kentucky Online Gateway