• New York recently enacted the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which expands data breach notification requirements and imposes new data security obligations on businesses that own, license or, in some cases, maintain computerized data that includes any New York resident’s private information.
• The new “reasonable security requirement” requires businesses that are not regulated by and compliant with another New York state or federal data security regime to adopt a program that includes certain data security safeguards.
• In a significant departure from prior New York law, the SHIELD Act expands the definition of “breach of the security of the system” to include “unauthorized access to,” in addition to unauthorized acquisition of, computerized data that compromises the security, confidentiality or integrity of private information maintained by a business.
Please see full publication below for more information.