New York has joined the growing list of U.S. states requiring that companies notify their customers whenever private information has been compromised. On Wednesday, the state’s Information Security Breach
and Notification Act went into effect, according to a spokeswoman for the state’s attorney general, Eliot Spitzer.
The law, which is similar to California’s SB-1386 notification law, is one of a growing number of legislative and regulatory efforts that are forcing executives to pay more attention to security. According to a recent survey of security breach victims in the U.S., 20 percent of respondents said they had terminated their relationship with the company in charge of the data. Another 40 percent said they would consider doing so, according to the study, which was conducted this year by Ponemon Institute LLC, a privacy think tank in Tucson, Arizona.
— Robert McMillan