Tag Archives: New York

New York State Adds Health Care Geofencing Prohibition, Taking a More Measured Approach Than Washington’s Similar Ban

Photo of Nichole SterlingPhoto of Andreas KaltsounisBy Nichole Sterling and Andreas Kaltsounis on Posted in Healthcare
Abstract glowing grid background with particles in the centerAs part of the health budget bill signed by Governor Hochul in early May, New York has amended its General Business Law, introducing a prohibition on geofencing of health care facilities that goes into effect on July 2, 2023 – just three weeks before a similar ban in Washington state. This addition to the General … Continue Reading

What About the Robots That Are Already Here? New York City to Begin Enforcement of Artificial Intelligence Applications Related to Applicants and Employees Through the NYC Automated Employment Decision Tools Law on July 5, 2023

Photo of James A. ShererPhoto of Brittany YantisBy James A. Sherer and Brittany Yantis on Posted in AI
Artificial intelligenceOn January 1, 2023, New York City became the first jurisdiction in the United States to regulate employers’ use of automated employment decision tools (AEDTs) in the hiring and promotion process. Local Law 144 (the NYC AEDT Law), which requires anyone who uses (or wants to use) an AEDT to first conduct a bias audit … Continue Reading

NYDFS Proposed Amendments to Its Cybersecurity Rules

Photo of Patrick H. HaggertyPhoto of Elise ElamBy Patrick H. Haggerty and Elise Elam on Posted in Cybersecurity
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a mandatory 24-hour notification for cyber ransom payments, specific requirements for newly defined larger entities, increased expectations for oversight of … Continue Reading

New York Brings Long-Awaited Cybersecurity Message Case

Photo of Jonathan A. FormanBy Jonathan A. Forman and Eulonda Skyles on Posted in Cybersecurity
Ever since the New York State Department of Financial Services (DFS) instituted its first-in-the-nation Cybersecurity Regulation[1] in 2017 (covered in our post here), banks, insurance companies, and others in the financial services industry wondered what would trigger an enforcement action under its broad purview. At long last, the industry now knows. On July 22, 2020, … Continue Reading

New York DFS Updates FAQs to Clarify Applicability of Cybersecurity Regulation

Photo of Melinda L. McLellanPhoto of Jonathan A. FormanBy Melinda L. McLellan and Jonathan A. Forman on Posted in Financial Privacy, State Legislation
With the first compliance deadline now less than two months away, the New York Department of Financial Services (NYDFS) has provided additional clarity concerning its new Cybersecurity Requirements for Financial Services Companies (the “Cybersecurity Regulation”) by publishing an update to previously issued Frequently Asked Questions. We reported on the forthcoming Cybersecurity Regulation in January and … Continue Reading

New York Department of Financial Services Sets Forth Extensive Cybersecurity Regulatory Framework Proposal

By Suchismita Pahi and Kathryn Mellinger on Posted in Cybersecurity, Information Security, State Legislation
On November 9, 2015, the New York State Department of Financial Services (NYDFS) issued a letter to the members of the Financial and Banking Information Infrastructure Committee (FBIIC) detailing a new cybersecurity framework proposal for “covered entities,” or financial institutions regulated by NYDFS. The framework builds on data from NYDFS reports surveying cybersecurity programs from … Continue Reading

Dear Lawmakers, Your New Breach Notice Laws Should Address These Issues

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Breach Notification, Data Breach Notification Laws, State Legislation
The days of companies being so afraid of the reputational impact of a breach that they would look for any way possible to avoid disclosure are gone.  The pendulum has swung in the opposite direction.  Now companies, often in the name of being “completely transparent” with their customers, want to disclose incidents as soon as … Continue Reading

New York Attorney General Announces Proposal to Revamp State Data Security Laws

Photo of Melinda L. McLellanBy Melinda L. McLellan on Posted in Breach Notification, Data Breach Notification Laws, State Legislation
On January 15, 2015, New York Attorney General Eric Schneiderman indicated that he plans to propose legislation to update New York’s information security laws, including by revising the definition of “private information” under the state’s data security breach notification statute. Schneiderman’s proposal comes on the heels of President Obama’s January 13, 2015, unveiling of measures … Continue Reading

New York Attorney General Report Shows the Number of Data Breaches is on the Rise and Recommends Steps to Take for Protecting Against Them

Photo of Carrie Dettmer SlyeBy Carrie Dettmer Slye on Posted in Data Breaches, State Legislation
On July 15, 2014, the New York Attorney General issued a report examining the growing number and costs of data breaches in the state of New York.  The report titled, “Information Exposed: Historical Examination of Data Security in New York State,” analyzes eight years’ worth of security breach data collected by the Attorney General and … Continue Reading
LexBlog