Educause Security Discussion mailing list archives
Re: Details of New York Data Breach Bill?
From: Sarah Stevens <sarah () STEVENS-TECHNOLOGIES COM>
Date: Mon, 14 Nov 2005 14:06:49 -0700
Most states that have enacted this law (now 21 states) have included in the provisions "any company that conducts business in <insert state> and/OR owns or licenses computerized data that includes private information about a <insert state> resident, has a legal obligation...". This article could be erroneous in it's paraphrasing of this law. I have pulled the entire law from the New York State Assembly Web Page, and even still cannot be certain that all entities that conduct business in NY are under the umbrella of this law. The bill itself refers to the "state technology law" and the "general business law". Here is the link to the New York State Assembly page that reproduces the EXACT law: http://assembly.state.ny.us/leg/?bn=A04254&sh=t
On Sat, 12 Nov 2005, Ken Connelly wrote: This article states "As long as a company conducts business in New
York
and owns or licenses computerized data that include private
information
about a New York resident, it has a legal obligation to notify ...". I am interpreting this to NOT mean an institution outside of New York
that
has students that have retained their New York residency. Any legal minds wish to comment ?This article seems to be fairly complete and yet not overly long. http://www.jonesday.com/pubs/pubs_detail.aspx?pubid=455622903 CHARLES MORROW-JONES wrote:According to an Infoworld story datelined last Friday* there is a
New York data breach notification statute scheduled to go into effect next month that appears to be fairly stringent.
Could someone who is familiar with the statute inform the list
about its provisions, particularly as they might pertain to students who attend universities in other states but who maintain their NY residency?
Thanks, Charles R. Morrow-Jones Director, Security Office of the CIO The Ohio State University morrow-jones.2 () osu edu -or- 614.292.1302 *http://www.infoworld.com/article/05/11/11/HNdatabreachbill_1.htm----------------------------------------------------------------------
-
Dick Jacobson e-mail : Dick.Jacobson () ndus NoDak edu ND HECN MultiUser Host SysAd office : IACC 206, NDSU NDUS IT Security Officer phone : 701-231-7385 ----------------------------------------------------------------------
-
--
Current thread:
- Details of New York Data Breach Bill? CHARLES MORROW-JONES (Nov 12)
- <Possible follow-ups>
- Re: Details of New York Data Breach Bill? Ken Connelly (Nov 12)
- Re: Details of New York Data Breach Bill? Melissa Guenther (Nov 13)
- Re: Details of New York Data Breach Bill? Cuocco, Patricia (Nov 14)
- Re: Details of New York Data Breach Bill? Tracy Mitrano (Nov 14)
- Re: Details of New York Data Breach Bill? Dick Jacobson (Nov 14)
- Re: Details of New York Data Breach Bill? Sarah Stevens (Nov 14)