On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards.
Read more on Hunton & Williams Privacy & Information Security Law Blog. So far, there does not appear to be any companion or mirror bill proposed in the state Senate, so this may not be going anywhere in a hurry, if at all, even though it is a bill that privacy advocates might want to support.