Stop Hacks and Improve Electronic Data Security – or SHIELD – Act (S.5575B/A.5635
New York state is strengthening a law requiring companies that handle consumers’ personal data to notify them about any data breaches.
Gov. Andrew Cuomo, a Democrat, on Thursday signed legislation that expands the law to cover any company holding personal data belonging to a New Yorker, and not just companies doing business in the state.
The new law, which takes effect in 240 days, will also add email addresses and passwords and biometric data to the list of information covered by the law.
The measure aims to ensure consumers know if personal data such as Social Security numbers are obtained by hackers.
Cuomo also signed a bill Thursday that requires credit reporting agencies to provide identify theft prevention services to consumers when their data is exposed during a breach.