Jason C. Gavejian and Marlo Johnson Roebuck write:
The New Jersey Assembly on December 15 unanimously approved, by a vote of 75-0, a bill designed to better protect consumers from identify theft. Bill A3146, if approved by the Senate, would expand the state’s law to include disclosure of a breach of security of online accounts.
[…]
Notably, the New York assembly earlier introduced Bill A10190 which would amend New York’s data breach notification law (NY Gen. Bus. Law 899-aa). The proposed amendment would require entities which conduct business in New York State, and which own or license computerized data which includes private information to develop, implement, and maintain a comprehensive information security program which must be consistent with the safeguards for protection of personal information.
Read more on Jackson Lewis Workplace Privacy Data Management & Security Report.