NEW YORK — New York Attorney General Eric Schneiderman has put forward legislation designed to further protect New Yorkers from data breaches and close gaps in the state’s current security laws.
The Attorney General’s Office recently announced the introduction of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act), the creation of which was spurred by the recent Equifax breach. The legislation was introduced as a program bill sponsored by Sen. David Carlucci and Assemblyman Brian Kavanagh.
“It’s clear that New York’s data security laws are weak and outdated,” Schneiderman said in a news release. “The SHIELD Act would help ensure these hacks never happen in the first place. It’s time for Albany to act so that no more New Yorkers are needlessly victimized by weak data security measures and criminal hackers who are constantly on the prowl.”
Schneiderman office said it handled a record 13,000 data breach notifications, a 60 percent increase over 2016. Also, according to the New York Attorney General’s office, the Equifax data breach affected more than 8 million New Yorkers.
Under the SHIELD Act, the types of data that trigger reporting requirements would be expanded to include username-and-password combinations, biometric data and HIPPA-covered health data. The bill also calls for incentives to companies using independent certification of their data security measures.