News & Knowledge

Add to Portfolio

VLP Partner Melissa Krasnow Quoted in Law360 on New York Data Security Law

Posted on Nov 21, 2019 in Privacy, News by Melissa Krasnow

VLP Partner Melissa Krasnow was quoted in the Law360 article “NY Data Security Law To Make State A More Active Enforcer”.

The article described the New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which builds on a trend among states of expanding the obligations and types of information covered by existing breach reporting laws while crafting standards for how companies need to protect the personal information they hold.

The portion of the SHIELD Act that broadens the state’s breach notification requirements went into effect on October 23, 2019, and the new requirement that companies adopt reasonable safeguards to protect state residents’ data is slated to kick in on March 1, 2020.

While the New York attorney general actively enforces in these areas, Ms. Krasnow told Law360: “….expect to see more breach notification and data security enforcement from the New York attorney general.”

While the crux of attention in recent months has focused on the California Consumer Privacy Act, businesses also need to take the SHIELD Act into account in terms of incident response preparation and in terms of the SHIELD Act’s data security program requirements, including service provider contract language.

According to Ms. Krasnow: “While businesses are implementing contract language for the California Consumer Privacy Act [which becomes operative January 1, 2020], they also should be considering and taking steps to implement contract language for the SHIELD Act.”

To read the entire article, please click here.