INTERIM Lege Trend: State Proposes 6 Data Security Standards for Businesses.

New York Legislature, at the behest of its Attorney General, is strengthening its data security laws. 

Assembly Bill 6866 adds new data to protection requirements and increases penalties.

This bill creates these standards that establish compliance with the law for businesses:

  • a business that protects data more than the law requires
  • a business that complies with Gramm-Leach-Bliley Act
  • a business that meets international standards for information security
  • a business that complies with HIPPA
  • a business that complies with current National Institute of Standards and Technology Standards Special Publication 800-53
  • a business that:
    • has a designated security employee
    • identifies reasonably foreseeable security risks
    • assesses safeguards and risks
    • selects providers that are have appropriate safeguards
    • regularly tests and monitors its business systems
    • maintains a Security Program Practices & Procedures
    • disposes of information in a manner that does not allow the information to be read or reconstructed

New York A06866

image



Thank you for subscribing to our newsletter.
Great things are just around the corner!