Educause Security Discussion mailing list archives
Re: Details of New York Data Breach Bill?
From: "Cuocco, Patricia" <Pcuocco () CALSTATE EDU>
Date: Mon, 14 Nov 2005 08:54:43 -0800
The California State University has 23 campuses - several of which have experienced data breaches since our law went into effect. We have had as many as 200,000 names and SSNs compromised and as few as 157. I personally handled one that was 23,500 names. The impact has been to cause us to think seriously about how to protect against breaches. We've also learned that many of the vulnerabilities occur in places or departments over which the CIO has little control. Our CIO group is discussing how best to address these vulnerabilities. Don't know what else I can tell you except that knowing ahead of time how you will respond is critical. A campus strategy that includes Public Affairs and press relations is essential. Patricia -----Original Message----- From: Melissa Guenther [mailto:mguenther () COX NET] Sent: Sunday, November 13, 2005 7:20 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Details of New York Data Breach Bill? California has had a similar law in effect for a few years - maybe one of the California Universities can share their experiences as to how it impacted their environments. ----- Original Message ----- From: "CHARLES MORROW-JONES" <morrow-jones.2 () OSU EDU> To: <SECURITY () LISTSERV EDUCAUSE EDU> Sent: Saturday, November 12, 2005 6:04 PM Subject: [SECURITY] Details of New York Data Breach Bill?
According to an Infoworld story datelined last Friday* there is a New York data breach notification statute scheduled to go into effect next
month
that appears to be fairly stringent. Could someone who is familiar with the statute inform the list about its provisions, particularly as they might pertain to students who attend universities in other states but who maintain their NY residency? Thanks, Charles R. Morrow-Jones Director, Security Office of the CIO The Ohio State University morrow-jones.2 () osu edu -or- 614.292.1302 *http://www.infoworld.com/article/05/11/11/HNdatabreachbill_1.htm
Current thread:
- Details of New York Data Breach Bill? CHARLES MORROW-JONES (Nov 12)
- <Possible follow-ups>
- Re: Details of New York Data Breach Bill? Ken Connelly (Nov 12)
- Re: Details of New York Data Breach Bill? Melissa Guenther (Nov 13)
- Re: Details of New York Data Breach Bill? Cuocco, Patricia (Nov 14)
- Re: Details of New York Data Breach Bill? Tracy Mitrano (Nov 14)
- Re: Details of New York Data Breach Bill? Dick Jacobson (Nov 14)
- Re: Details of New York Data Breach Bill? Sarah Stevens (Nov 14)