The New York State Department of Health has issued an urgent cybersecurity advisory (the Advisory) warning of increased threat levels and a higher likelihood of cybersecurity attacks from Iranian state-backed actors following U.S. military strikes on the Fordow, Natanz, and Isfahan nuclear facilities in Iran. The Advisory warns that “intelligence sources indicate a high likelihood […]
New York
New York Passes Health Privacy Law – Your Questions Answered
The New York State legislature passed the Health Information Privacy Act (“NYHIPA”) on January 22, 2025, marking the second state to introduce a comprehensive consumer health data law. If passed, the NYHIPA imposes more stringent obligations on organizations that handle “regulated health information. (“RHI”). You’ve got questions – we’ve got answers. How is “regulated health […]
New York Amends Data Breach Notification Law with Immediate Implications
In late December 2024, the New York Governor signed two bills (S2659B and S2376B) amending the state’s data breach notification law (N.Y. Gen. Bus. Law § 899-aa), to expand the definition of reportable personal information and impose new covered entity reporting obligations in the event of a data breach. Effective immediately, companies will have 30 […]