Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
Will the SHIELD Act Accomplish Its Goal of Effectively Combatting Patent Trolls?
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our Top 10 most popular topics from 2023....more
On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law....more
As was previously written, last fall New York enacted the "Stop Hacks and Improve Electronic Data Security Act" (SHIELD ACT), which required businesses having private information of New York residents to implement a written...more
In the fall of last year, we wrote about the passage of the SHIELD Act (the Act) in New York, which expanded aspects of the state’s breach notification requirements (Breach Requirements) and created a statutory obligation to...more
As the March 21 deadline for the New York SHIELD Act draws closer, health care providers may be wondering: does their status as a covered entity under HIPAA, and its associated data security protections, automatically...more
As discussed in an earlier blog post, the New York state Stop Hacks and Improve Electronic Data Security Act (or “SHIELD Act”), was signed into law on July 25, 2019....more
On March 21, 2020, companies will need to comply with yet another data privacy and security law when the New York Stop Hacks and Improve Electronic Data Security Act ("NY SHIELD Act") takes effect. The SHIELD Act is unique in...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
Time is running out. The effective date of New York’s cybersecurity law mandating that organizations implement an information security program to protect “private information” of New York State residents, including employee...more
New York’s recently enacted Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) enhances data breach notification requirements and requires covered organizations to “develop, implement and maintain” a...more
New York State has enacted S5575, the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”). This new law amends New York General Business Code 899-aa and adds Section 899-bb to significantly expand consumer...more
New York recently enacted important changes to its data breach notification requirements (Breach Requirements) and created a statutory obligation to maintain reasonable data security (Security Requirements). Under the new...more
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security (“SHIELD”) Act into law making New York the latest state to expand protections for its residents....more
New York recently amended its existing data breach notification law to expand the data breach notification obligations of persons and businesses (and state agencies) and impose specific data security requirements on persons...more
Poor Richard does get his hoped-for trip to New York today, but not, as many others hoped a few months ago, to examine a new comprehensive privacy law that outdoes the CCPA with the first enactment of the concept of data...more
The recent $575,000 settlement with EmblemHealth signals a push from AG Schneiderman “for stronger security laws and hold[ing] businesses accountable for protecting their customers’ personal data.” Noting New York’s “weak and...more