US Corporate Law News: Compliance deadline for New York cybersecurity law approaches

12 August 2018 | Applicable law: US

On September 1, 2018, the next New York State cybersecurity law compliance deadline will go into effect. The law was originally passed in March 2017, but deadlines for various aspects of compliance have gradually been put in place over the past two years. 

For this upcoming deadline, financial institutions will be required to maintain an audit trail for all financial transactions for five years. Encryption will be required for all regulated data and such data must be erased when it is no longer needed. For security events, banks will be required to maintain an audit trail for three years. Prior to this deadline, banks have only been required to maintain such data for between 30 and 60 days. The penalty for noncompliance has not been announced by the New York Department of Financial Services up to this point.

For more information see here and here.

This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.


Related experience

As a full-service law firm, we are able to provide advice and information about a wide range of other issues. Here are some related areas.

Join the club

We have lots more news and information that you'll find informative and useful. Let us know what you're interested in and we'll keep you up to date on the issues that matter to you.