Epstein Becker Green Act Now Advisory: New York Joins the Wave of States Requiring Businesses to Adopt Reasonable Cybersecurity Safeguards to Protect Private Information
Privacy & Cybersecurity
Epstein Becker Green Act Now Advisory: New York Joins the Wave of States Requiring Businesses to Adopt Reasonable Cybersecurity Safeguards to Protect Private Information
August 12, 2019
New York has joined California, Massachusetts, and Colorado in adopting a law that requires businesses that collect private information on residents to implement reasonable cybersecurity safeguards to protect that information. New York’s law mandates the implementation of a data security program, including measures such as risk assessments, workforce training, incident response planning and testing, and secure data destruction protocols. Businesses should immediately begin the process to comply with the law’s requirements effective March 21, 2020. Notably, New York’s law covers all businesses, employers, or individuals, regardless of size or location, who collect private information on New York State residents.
Download to read more...