A bill before New York Gov. George Pataki is intended to head off
The “Information Security Breach and Notification Act” would require
all companies in New York that keep information that could be used in identity
theft to notify people affected by any breaches in security.
Sponsored by Assemblyman Jim Brennan, D-Brooklyn, the bill would cover
any business, state agency, organization or person who kept computerized
information identifying people’s driver’s license numbers, Social Security
numbers or credit card numbers, the Westchester
County Business Journal reported. It would require a person to be
contacted if their account information also includes passwords or other
information enabling a thief to access the accounts.
Failure to notify people that their personal or financial information
had been compromised would result in a $5,000 fine or $10 per person, whichever
amount is greater.
The bill would cover businesses and organizations of any size and the
personal information doesn’t need to be that of customers. Members of an
organization or employees whose information was breached would also have to be
Rules requiring consumer
notification of data security breaches are on the books in at least 15 states.
The New York bill – A4254 – unanimously passed the state’s Assembly and
Senate. If signed by the governor, it would take effect in four months.
To help prevent identity theft, authorities
warn consumers to look out for their own interests by reading their credit card
statements, reviewing their credit report once a year, and destroying unwanted
credit card offers.
If you think you’ve been a victim of identity theft, you are encouraged
to file a police report and a complaint with the state attorney general’s