|
New
legislation has been signed into law by Gov. George Pataki that will
help prevent identity theft by requiring both public and private
organizations to notify their customers when they believe a security
breach has occurred to their systems that could leave confidential
information open to exploitation.
“Identity
theft is a gross violation of privacy that can have disastrous
consequences for unsuspecting victims," Pataki said. “This
legislation will help protect New Yorkers by ensuring that if
there’s an incident businesses and governments will notify
consumers that their personal and confidential information may have
been compromised. This early notification will help potential victims
protect themselves and minimize any disruption to their lives.”
The
Information Security Breach and Notification Act requires that without
unreasonable delay any resident of New York State be notified if their
private information such as social security number, driver’s
license number or financial account numbers was obtained without proper
authorization. In the event of a breach, people that are impacted would
be notified by mail, email, public notices on websites or through the
media.
Whenever
5,000 or more residents are affected by a security breach, the State
Attorney General, the State Consumer Protection Board and the Office of
Cyber Security and Critical Infrastructure Coordination must be
notified. In addition, the incident would be reported to consumer
reporting agencies such as Equifax, Transunion and Experian. Violations
of this law can result in civil action brought by the Attorney General
who would seek restitution for the victims and fines on the offending
entity.
Several
high profile incidents across the nation raised awareness of the real
and growing problem of identity theft. In April 2005, Gov.
Pataki’s Office of Cyber Security and Critical Infrastructure
Coordination issued a policy requiring state agencies to notify
individuals in the event that private information is released from a
security breach. In addition, local governments are required to develop
a policy or pass a local law that is consistent with the act. 9-20-05
|
