STATE OF NEW YORK
________________________________________________________________________
5925
2015-2016 Regular Sessions
IN ASSEMBLY
March 9, 2015
___________
Introduced by M. of A. SANTABARBARA, BRINDISI -- read once and referred
to the Committee on Consumer Affairs and Protection
AN ACT to amend the general business law, in relation to disclosure of
breaches of the security of the system
The People of the State of New York, represented in Senate and Assem-bly, do enact as follows:
1 Section 1. Subdivision 2 of section 899-aa of the general business
2 law, as added by chapter 442 of the laws of 2005, is amended to read as
3 follows:
4 2. Any person or business which conducts business in New York state,
5 and which owns or licenses computerized data which includes private
6 information shall disclose any breach of the security of the system
7 [following] within five days of the discovery or notification of the
8 breach in the security of the system to any resident of New York state
9 whose private information was, or is reasonably believed to have been,
10 acquired by a person without valid authorization. [The disclosure shall
11 be made in the most expedient time possible and without unreasonable
12 delay, consistent with the legitimate needs of law enforcement, as
13 provided in subdivision four of this section, or any measures necessary
14 to determine the scope of the breach and restore the reasonable integri-
15 ty of the system.]
16 § 2. This act shall take effect immediately.
EXPLANATION--Matter in italics (underscored) is new; matter in brackets
[] is old law to be omitted.
LBD09302-01-5
