It would appear you work for a law firm with offices in New York. The
casual inquirer might wonder why you are asking the world at large instead
one of your legal experts. However, that's none of my business, so here's
the lead on your question.
After a 90 second Google search, I found this:
http://assembly.state.ny.us/leg/?bn=A04254&sh=t
Then I did a Ctrl+F on "encrypt" and found this:
"PRIVATE INFORMATION" SHALL MEAN PERSONAL INFORMATION IN COMBINATION WITH
ANY ONE OR MORE OF THE FOLLOWING DATA ELEMENTS, WHEN EITHER THE PERSONAL
INFORMATION OR THE DATA ELEMENT IS NOT ENCRYPTED OR ENCRYPTED WITH
AN ENCRYPTION KEY THAT HAS ALSO BEEN ACQUIRED:
(1) SOCIAL SECURITY NUMBER; (2) DRIVER`S LICENSE NUMBER OR NON-DRIVER
IDENTIFICATION CARD NUMBER; OR (3) ACCOUNT NUMBER, CREDIT OR DEBIT CARD
NUMBER, IN COMBINATION WITH ANY REQUIRED SECURITY CODE, ACCESS CODE, OR
PASSWORD WHICH WOULD PERMIT ACCESS TO AN INDIVIDUAL`S FINANCIAL ACCOUNT.
Then the law goes on to make certain provisions for PRIVATE INFORMATION.
You might want to read those, or ask one of your attorneys to.
Best of luck,
Eric
www.risk-averse.com
:-----Original Message-----
:From: Nay, Eric [mailto:ENay@manatt.com]
:Sent: Friday, January 20, 2006 4:41 PM
:To: incidents@securityfocus.com;
:security-management@securityfocus.com; ILTA Security
:Discussion Forum Listserv digest
:Subject: NY Privacy law similar to CA1386
:
:CA1396 gives a pass to anyone who loses backup tapes if they
:are encrypted. NY state just passed a similar law. Does
:anyone know if NY's law has a similar encryption exception?
:
:
:
:
:
:Eric Nay, CISSP #73370
:Security Engineer, Manatt, Phelps & Phillips LLP When asked
:why he robbed banks, Willie Sutton replied "Cause that's where
:the money was!"
:
:
:
:desk: 310.231.5653
:enay@manatt.com
:
:
:
:
:
:
