• |

Sep. 11, 2019

New York’s New Cybersecurity Standards: Expanding Definitions and Requirements

  • Helen Kim
    Cybersecurity Law Report
Companies that own or license electronic private information of New York residents, even if they do not operate or conduct business in New York, are now subject to “reasonable security” requirements pursuant to New York’s first data security law, the Stop Hacks and Improve Electronic Data Security (SHIELD) Act. The law also updates data breach notification requirements, expanding the definition of breach to include even unauthorized access to – not acquisition of – private information. In this first installment of our two-part article series covering the SHIELD Act, we explore its requirements and definitions. Part two will include guidance on how to comply with the Act and what the future of enforcement in New York and beyond looks like. See also “The Hidden Requirements in NYDFS’ Cybersecurity Regulation” (Oct. 24, 2018).

To read the full article

Continue reading your article with a CSLR subscription.

Most-Read Articles

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.