New York State Expands Data Breach Notification Laws

July 25, 2019, 5:19 PM UTC

New York State will require businesses to put in place data security programs and consumer credit reporting agencies to boost protection services under measures signed by Gov. Andrew M. Cuomo.

Cuomo (D) signed a bill (A.5635B/S.5575B) updating the state’s privacy law by expanding the definition of personal information and adding new requirements and timelines for data breach notices. It takes effect in 240 days.

He also signed a bill (A.2374/S.3582) requiring credit agencies to offer lifetime identity theft prevention and, if applicable, mitigation services if a data breach exposes consumers’ Social Security numbers. It takes effect ...

Learn more about Bloomberg Law or Log In to keep reading:

Learn About Bloomberg Law

AI-powered legal analytics, workflow tools and premium legal & business news.

Already a subscriber?

Log in to keep reading or access research tools.