New York could soon pass its own GDPR-inspired data security law
New Yorkers could soon have clearer insight into when, where and how their data has been compromised under the terms of a bill expected to pass this week in the state’s legislature. The state’s lawmakers are debating whether to approve a bill that would update the state’s data breach notification law to cover more personal information and force firms to disclose ransomware infections, among other measures. The Stop Hacks and Improve Electronic Data Security Handling (SHIELD) Act also would cover any business that holds sensitive data of New York residents, rather than only firms that do business in the state. It’s an important detail cribbed from the European Union’s General Data Protection Regulation (GDPR), which compels organizations to report breaches affecting EU citizens, no matter where the hacked company is located, to regulators within 72 hours. The SHIELD Act requires notification to affected individuals “without unreasonable delay,” a time period […]
The post New York could soon pass its own GDPR-inspired data security law appeared first on CyberScoop.
Continue reading New York could soon pass its own GDPR-inspired data security law