Educause Security Discussion mailing list archives
Details of New York Data Breach Bill?
From: "Karl D. Hassler" <khassler () UDEL EDU>
Date: Tue, 15 Nov 2005 10:40:19 -0500
Link to the New York State Technology Law: http://public.leginfo.state.ny.us/menugetf.cgi?COMMONQUERY=LAWS Go to the link - you may have to try twice - its slow. Click on GBS for General Business Law Click on Article 39-F; Click on Section 899-aa. It says that "Any person or business which conducts business in New York state, and which owns or licenses computerized data which includes private information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the system to any resident of New York state whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization." To me, you must be doing business in New York to fall under this section of the law. To find section 208 of the State Technology Law (mentioned in both S3492 and A4254, from the above link: Click on STT for State Technology Click on Article 2 Click on Section 208 - Notification Section 208 only references State entities.
Attachment:
khassler.vcf
Description:
Current thread:
- Details of New York Data Breach Bill? Karl D. Hassler (Nov 15)
- <Possible follow-ups>
- Re: Details of New York Data Breach Bill? Keith Schoenefeld (Nov 15)
- Re: Details of New York Data Breach Bill? Jimmy Kuo (Nov 18)
- Re: Details of New York Data Breach Bill? Walter Matystik (Nov 18)