Bill to strengthen New York State data breach law advances

Legislation to change how the state’s IT office responds to data breaches is now up for consideration by Senate lawmakers.  The bill (NY State Senate Bill S6834A) would alter how the state reacts to an electronic breach of private information, giving more responsibilities to New York’s Office of Information Technology Services in the wake of any state data breach.   The bill states that should any “state entity” handling citizens’ private information discover that personal data becomes exposed to any unauthorized users, the legislation would task the IT office with delivering “a report on the scope of the breach and recommendations to restore and improve the security of the system to the state entity” within 90 days after the discovery of the breach.

Additionally, the bill requires that state IT staff “develop, update and provide regular training to all state entities relating to best practices for the prevention of a breach of the security of the system.”

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s