2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
On December 21, 2024, New York Gov. Kathy Hochul signed into law S2659-B/A8872-A, which, effective immediately, changed timing requirements for notice under New York’s data breach notification law and expanded the list of...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
The New York Department of Financial Services ("NYDFS") fined a mortgage bank $1.5 million for violations of New York's Cybersecurity Regulation, including failure to report a past cyber incident. On March 3, 2021, the...more
Covered entities received two cybersecurity wake up calls from insurance regulators this month. As we have reported, the New York State Department of Financial Services (DFS) issued its long-awaited first cyber enforcement...more
As was previously written, last fall New York enacted the "Stop Hacks and Improve Electronic Data Security Act" (SHIELD ACT), which required businesses having private information of New York residents to implement a written...more
In the fall of last year, we wrote about the passage of the SHIELD Act (the Act) in New York, which expanded aspects of the state’s breach notification requirements (Breach Requirements) and created a statutory obligation to...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
Time is running out. The effective date of New York’s cybersecurity law mandating that organizations implement an information security program to protect “private information” of New York State residents, including employee...more
New York has joined California, Massachusetts, and Colorado in adopting a law that requires businesses that collect private information on residents to implement reasonable cybersecurity safeguards to protect that...more
New York recently amended its existing data breach notification law to expand the data breach notification obligations of persons and businesses (and state agencies) and impose specific data security requirements on persons...more
Features - International Updates (Excluding the EU) - India’s Draft Data Protection Bill: Another GDPR Around the Corner? India recently introduced the Personal Data Protection Bill 2018. ...more
On September 1, 2018, five new requirements included in the New York State Department of Financial Services’ (DFS) Cybersecurity Regulation go into effect – (1) audit trails, (2) application security, (3) data disposal...more
For many D&O insurers, the risk of exposure posed by cybersecurity incidents involving their insureds has been unclear at best. Cybersecurity incidents, and the corresponding shareholder claims that follow, pose unique and...more
As of August 28, 2017, insurance companies, banks, and other financial services companies regulated by the New York Department of Financial Services (“DFS”) must comply with an initial wave of new cybersecurity requirements...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more
New York Financial Regulator to Enforce First-of-Its-Kind Cybersecurity Regulations in Coming Weeks - On December 28, 2016, the New York Department of Financial Services (NYDFS) issued revised cybersecurity regulations...more
The revised regulations eliminate many of the categorical requirements in the original proposal and instead adopt a more risk-based approach. On December 28, 2016, the New York State Department of Financial Services...more