Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

NY Data Law Takes Effect

NEW YORK -- New data privacy rules in New York state are making life more difficult for affected companies, warned IT managers and CIOs attending this week's Interop tradeshow.

Last week, New York's Information Security Breach and Notification Act went into effect; thus forcing companies to rethink how they handle data and report breaches. It applies to "state entities and persons or businesses conducting business in New York who own or license computerized data which includes private information."

Behind the legalese is this: Lawmakers in New York are prepared to come down hard on firms that lose sensitive infomation. Failure to disclose data breaches to consumers may result in fines of up to $150,000. Although there is no specified timeframe for reporting a breach, the law urges users to do so "in the most expedient time possible without unreasonable delay."

The act, which follows similar legislation in California, comes after a number of high-profile corporate data snafus. (See Financial Security: Priceless, Don't Be a Data Privacy Dunce and IT Managers Sweat Security.)

But IT execs at Interop are concerned about adding yet another layer of control to systems already straining under a slew of compliance requirements. (See Users Splash Cash on SOX.) "We're really struggling," admitted the vice president of technology of a systems integrator in the financial services sector, who asked not to be named. "It's very difficult. We spend so much time scrutinizing what products to bring into our environment."

  • 1