If you need HELP, SUPPORT or just have a GDPR question please call +44 (0) 208 133 2545 or email us at firstname.lastname@example.org.
Alternatively please visit our contact page
FREE GDPR Helpline
Call +44 (0) 208 133 2545
A new cybersecurity regulation came into effect on 1st of March in New York. The requirements aim to address the threat of hacking by ensuring adequate defences are in place. Steps include developing a cybersecurity program and having written policies to address access controls, business continuity and data governance. Annual reports are also required to be sent to the company’s board of directors and organisations must have a written incident report plan.
The regulation requires cybersecurity incidents to be reported within 72 hours, echoing a similar requirement in the EU General Data Protection Regulation for breaches of personal data to be reported within 72 hours. The GDPR will come into effect in May 2018 and will harmonise data privacy rules across the EU. It also applies globally to companies that use the data of any EU citizens. Harmonisation of international rules is beneficial in establishing an excellent global standard of data privacy and making it easier for companies to abide with international requirements.
Organisations will have 180 days to comply and potentially longer for some of the provisions, allowing a grace period to implement the requirements. There is some concern that organisations won’t have enough time to be fully compliant.
New York is known as a financial capital and is a likely target for cyber attacks. The New York Cybersecurity Regulation is thought to be the first of its kind to be taken on by a U.S. state and it’s possible that other states may follow its lead in future.
The introduction of the New York Cybersecurity Regulation and the General Data Protection Regulation indicate an intention to increase data protection on a substantial scale. The regulations will be affecting some of the largest and most international companies, allowing a bigger impact globally and encouraging other companies and countries to maintain a similar standard.