The General Data Protection Regulation—or something like it—could be coming to the Big Apple.
CyberScoop reports:
The state’s lawmakers are debating whether to approve a bill that would update the state’s data breach notification law to cover more personal information and force firms to disclose ransomware infections, among other measures.
The SHIELD Act requires notification to affected individuals “without unreasonable delay,” a time period that typically means 30 days, according to state Sen. Kevin Thomas, who re-introduced the bill after a failed attempt to do so in 2017.
