The Superintendent for the New York Department of Financial Services recently announced a consent order assessing a $4.5 million penalty against a health insurance company for violations of the DFS Cybersecurity Regulations, 23 NYCRR, Part 500.
Posts published in “State & Local Regulation”
Beginning Jan. 1, businesses operating in the District of Columbia will face new challenges under the DC Council’s new debt collection law with costly penalties in place for those who don’t comply.
A group is pushing Arizona Proposition 209, a ballot measure they say will reduce the burden of “medical debt.” But while a small portion of Proposition 209 might relieve some of the burden of medical debt, other beneficiaries are swindlers and bad actors.
On Sept. 27, Michigan Sen. Rosemary Bayer and eight fellow Democrat cosponsors introduced Senate Bill 1182, which would create the Michigan Personal Data Privacy Act. The Michigan Legislature remains in session through the end of the year.
On July 29, 2022, the New York Department of Financial Services published pre-proposal draft amendments to its Cybersecurity Regulations, 23 NYCRR 500.00, et seq. , that if adopted will require covered entities to implement numerous policy and operational changes.
On May 10, Gov. Ned Lamont signed into law Substitute Senate Bill 6 (Public Act 22-15), Connecticut’s version of comprehensive consumer data privacy legislation. This makes Connecticut the fifth state to enact such legislation, following California, Virginia, Colorado, and Utah. The Act will go into effect July 1, 2023.
Medical debt continues to capture the attention of state and federal government, with lawmakers and regulators continuing to target how medical debt is collected and how it is reflected on a consumer credit report.
There remain over 30 comprehensive consumer data privacy bills pending in the states, but some are falling off the chart as the legislative sessions come to an end. While the number of active bills is decreasing, there is one new state data privacy law, and others that continue to show movement.
On March 24, Utah Gov. Spence Cox signed into law SB 227, the Utah Consumer Privacy Act. This makes Utah the fourth state, behind California, Virginia, and Colorado, to enact comprehensive consumer data privacy legislation.
In just a few weeks several provisions of the New York Consumer Credit Fairness Act (NYCCFA) will take effect.
There are currently over 40 comprehensive consumer data privacy bills pending in the states as we enter the third month (for most states) of the legislative sessions.
Despite the national and global events that took center stage in 2021, the upward trend in data privacy legislation at the state level continued and with the addition of the amendments to the Safeguards Rule, 2022 brings new compliance challenges for many businesses and financial institutions.