Data Security Breach - Who Are You Going to Call?
The New York State Information Security Breach and Notification Act amends the State Technology Law (Section 208) and the General Business Law (Section 899-aa), and requires that any New York State entity, as well as any person or business conducting business in New York and who owns or licenses computerized data that includes private information, must disclose any breach to New York residents (New York State governmental entities must also notify non-residents). This is similar to well more than 30 other states that have data breach notification statutes. Did you also know that when notification is necessary, New York law requires notification to the Attorney General, the Office of Cyber Security & Critical Infrastructure Coordination, and the Consumer Protection Board? Did you know there’s a “New York State Security Breach Reporting” form? No company relishes the idea of having to deal with a compromise of sensitive customer data? And no company should have to worry about not having the right legal advice when dealing with their customers, regulators and law enforcement officials. Reed Smith has a Data Security Group that keeps track of these laws in the United States and throughout the world.
