Rachel Marmor of Davis Wright Tremaine writes: Washington, D.C. amended its data breach notification law (D.C. Act 23-268) on March 26, 2020, expanding the definition of personal information covered by the law and requiring businesses collecting data from D.C. residents to implement “reasonable security safeguards.” Because D.C. law already provides a private right of action…
Category: State/Local
New York SHIELD Act’s Reasonable Safeguard Requirements Became Effective on March 21st —Is Your Company Ready?
Despite the pandemic, life — and most laws — go on. Micaela McMurrough, Caleb Skeath and Micha Nandaraj Gallo of Covington and Burling posted a reminder yesterday: On March 21, 2020, the data security requirements of the New York SHIELD Act became effective. The Act, which amends New York’s General Business Law, represents an expansion of New…
NY SHIELD Act Data Security Requirements Effective This Month
Julia K. Kadish of Sheppard Mullin writes: Businesses collecting personal information from New York residents will soon be expected to apply enhanced data security requirements. The New York SHIELD Act, signed into law in July 2019, expanded breach notice requirements in October 2019. Now, On March 21, 2020, the remaining provisions related to data security will…
New York State Expected to Increase Enforcement of Cybersecurity Practices
Peter Marta, Jasmeet Ahuja, and Asmaa Awad-Farid of Hogan Lovells write: Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act…
New York state school districts face deadline to improve cyber security
Celia Watson Seupel reports: Protecting Saugerties school district data from hackers could cost $70,000 annually — money that’s “not going to improve the quality of education,” Board of Education Trustee Krista Barringer said. […] Protecting school district data from hackers has become mandatory. A new regulation adopted by the state Board of Regents took effect Jan. 29,…
Mississippi Public School Districts May Not Be Ready to Comply with New Statewide Cybersecurity Requirements
Adam V. Griffin and James A. Keith of Adams and Reese LLP explain: The Mississippi Department of Education (MDE) is seeking public comment on a proposed rule pertaining to cybersecurity that will require Mississippi public school districts to take substantial actions to prepare. The rule would require each district to: Implement 22 enumerated policies related…