The New York State Attorney General has issued a report indicating that a record 1583 data breaches affecting 9.2 Million New Yorkers were reported to the NYAG in 2017. The information exposed included social security numbers (40%) and financial account information (33%). Hacking was the leading cause of the data security breaches. NYAG Eric Schneiderman warned “My office will continue to hold companies accountable for protecting the personal information they manage.” The NYAG has urged the New York State legislature to pass the SHIELD Act, which would require companies to adopt reasonable safeguards to protect sensitive data, including relevant policies and procedures.
OUR TAKE: The state regulators have taken a primary role in enforcing data protection safeguards. Make sure your compliance procedures have the necessary policies and procedures that include governance, incident response, vulnerability assessment, and vendor management.