Digital Policy Alert logo

United States of America: Reintroduced New York Bill S02659 amending data breach notification requirements

Policy overview

Description

Reintroduced New York Bill S02659 amending data breach notification requirements

On 3 January 2024, the New York Senate reintroduced Bill S02659, following its lapse in the Assembly, amending data breach notification requirements in the State's General Business Law and referred the Bill to the Internet and Technology Subcommittee. The Bill requires businesses which own, license, or maintain private personal information to notify affected New York residents within 15 days of discovery of a data breach.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
subnational
Government Branch
legislature
Government Body
parliament

Complete timeline of this policy change

Hide details
2023-01-24
under deliberation

On 24 January 2023, the New York Senate introduced Bill S02659 amending data breach notification re…

2023-06-21
rejected

On 21 June 2023, Bill S02659 amending data breach notification requirements in the State's General …

2024-01-03
under deliberation

On 3 January 2024, the New York Senate reintroduced Bill S02659, following its lapse in the Assembl…

2024-06-03
under deliberation

On 3 June 2024, the New York Senate passed Bill S02659, amending data breach notification requireme…

2024-12-12
adopted

On 12 December 2024, the New York Assembly adopted Bill S02659, amending data breach notification r…

2024-12-21
in force

On 21 December 2024, the New York Governor signed Bill S02659, amending data breach notification re…