Annual Filings:  Certifications and Exemptions

The new data security provisions require all licensees, as defined by KRS 304.3-750(6), including all persons licensed or authorized to conduct insurance business in the Commonwealth of Kentucky who are not exempt under KRS 304.3-752, to Notify the Commissioner of the Department (“Commissioner”) of cybersecurity events in accordance with KRS 304.3-760 and Title 806 Chapter 3 • Kentucky Administrative Regulations • Legislative Research Commission. 

Report a Cybersecurity Event

To file a cybersecurity event, please log into the licensee's eServices account here:   https://insurance.ky.gov/doieservices/UserRole.aspx

To update an existing cybersecurity event, please log into the licensee's eServices account here:   https://insurance.ky.gov/doieservices/UserRole.aspx

All Domestic Licensee’s certification or exemption notices shall be filed by Feb. 15 each year. Filings can be submitted electronically by signing into https://insurance.ky.gov/doieservices/UserRole.aspx and clicking the information security compliance link.

If a licensee is having an issue with their eServices account, please contact Kentucky Online Gateway here: Kentucky Online Gateway