Feeds

NY enacts security breaches disclosure law

Firms obliged to own up to gaffes

Internet Security Threat Report 2014

New York has enacted an information security breaches law which will oblige firms and local government agencies to notify customers in the state if their personal information is taken or its systems are hacked into.

The legislation is designed to promote a culture of security. It also helps protect consumers by giving them the information they need to head off possible identity theft when sensitive details such as Social Security, driver's license and credit card numbers become exposed. Organisation with customers in New York are obliged to notify these people of a breach as soon as practically possible.

The Information Security Breach and Notification Act in New York is broadly similar to security breaches laws enacted in California more than two years ago. Legislation requiring consumer notification of data security breaches has been approved in at least 15 states since then. Federal security disclosure laws are under consideration but opposed by some who fear it might dilute state laws, Red Herring reports.

New York's decision to press ahead with its legislation follows a series of high profile consumer data security breaches involving US firms including data mining firm ChoicePoint, payment processing firm CardSystems Solutions and others.

"The events of the last few months underscore the urgency of protecting consumers. If a person is not aware that he or she has been a victim of identity theft, then the damage done could be severe and irreversible. Prompt notification gives New Yorkers needed protections," said New York State Assembly member James Brennan, who sponsored the law. "In the last year, over 9,000 New Yorkers were exposed to identity theft because of inadequate security and poor notification procedures." ®

Remote control for virtualized desktops

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.