NY State Assembly Bill 2017-A10486

Assembly Bill A10486

Vetoed By Governor

2017-2018 Legislative Session

Relates to clarifying that continuing care retirement communities are not subject to certain cybersecurity regulations

download bill text pdf

Archive: Last Bill Status - Vetoed by Governor

Introduced
- In Committee Assembly
- In Committee Senate
- On Floor Calendar Assembly
- On Floor Calendar Senate
- Passed Assembly
- Passed Senate
Vetoed By Governor
Signed By Governor

Please enter your contact information

First Name

Last Name

Email Address

A valid email address is required.

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Actions

View Actions

	Assembly Actions - Lowercase Senate Actions - UPPERCASE
Dec 07, 2018	tabled vetoed memo.293
Nov 26, 2018	delivered to governor
Jun 18, 2018	returned to assembly passed senate 3rd reading cal.1387 substituted for s7940b referred to rules delivered to senate passed assembly
Jun 13, 2018	amended on third reading 10486b
Jun 12, 2018	ordered to third reading rules cal.122 rules report cal.122
Jun 11, 2018	reported
Jun 07, 2018	reported referred to rules
Jun 06, 2018	print number 10486a
Jun 06, 2018	amend (t) and recommit to insurance
Apr 30, 2018	referred to insurance

Votes

- Jun 18, 2018 - Floor Vote
  A10486
  
  62
  
  Aye
  
  0
  
  Nay
  
  0
  
  Absent
  
  1
  
  Excused
  
  0
  
  Abstained
  - - Floor Vote: Jun 18, 2018
      
      aye (62)
      
      Addabbo Jr.
      
      Akshar
      
      Alcantara
      
      Amedore
      
      Avella
      
      Bailey
      
      Benjamin
      
      Bonacic
      
      Boyle
      
      Breslin
      
      Brooks
      
      Carlucci
      
      Comrie
      
      DeFrancisco
      
      Dilan
      
      Felder
      
      Flanagan
      
      Funke
      
      Gallivan
      
      Gianaris
      
      Golden
      
      Griffo
      
      Hamilton
      
      Hannon
      
      Helming
      
      Hoylman-Sigal
      
      Jacobs
      
      Kaminsky
      
      Kavanagh
      
      Kennedy
      
      Klein
      
      Krueger
      
      LaValle
      
      Lanza
      
      Larkin
      
      Little
      
      Marcellino
      
      Marchione
      
      Mayer
      
      Montgomery
      
      Murphy
      
      O'Mara
      
      Ortt
      
      Parker
      
      Peralta
      
      Persaud
      
      Phillips
      
      Ranzenhofer
      
      Ritchie
      
      Rivera
      
      Robach
      
      Sanders Jr.
      
      Savino
      
      Sepúlveda
      
      Serino
      
      Serrano
      
      Seward
      
      Stavisky
      
      Stewart-Cousins
      
      Tedisco
      
      Valesky
      
      Young
      
      excused (1)
      
      Croci

Bill Amendments

Original

B (Active)

co-Sponsors

2017-A10486 - Details

See Senate Version of this Bill:: S7940
Law Section:: Insurance Law
Laws Affected:: Amd §1119, Ins L
Versions Introduced in Other Legislative Sessions:: 2019-2020: A1185
2021-2022: A749

2017-A10486 - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-A10486 - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   10486
 
                           I N  A S S E M B L Y
 
                              April 30, 2018
                                ___________
 
 Introduced  by M. of A. CAHILL, LUPARDO -- read once and referred to the
   Committee on Insurance
 
 AN ACT to amend the  insurance  law,  in  relation  to  clarifying  that
   continuing  care  retirement communities are not subject to department
   of financial services cybersecurity regulations
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Section  1119 of the insurance law is amended by adding a
 new subsection (d) to read as follows:
   (D) EXCEPT AS EXPRESSLY REQUIRED  BY  THIS  SECTION,  AN  ORGANIZATION
 AUTHORIZED  TO  OPERATE UNDER ARTICLE FORTY-SIX OF THE PUBLIC HEALTH LAW
 SHALL NOT BE SUBJECT TO  THE  JURISDICTION  OF  THE  SUPERINTENDENT  AND
 REQUIRED  TO  COMPLY WITH RULES AND REGULATIONS OF THE SUPERINTENDENT ON
 MATTERS UNRELATED TO THE PROVISIONS OF THIS SECTION, INCLUDING, BUT  NOT
 LIMITED  TO,  REGULATIONS  RELATING  TO  CYBERSECURITY  REQUIREMENTS FOR
 FINANCIAL SERVICES COMPANIES.    SUCH  ORGANIZATIONS  SHALL  INSTEAD  BE
 SUBJECT  TO THE JURISDICTION OF THE DEPARTMENT OF HEALTH ON SUCH MATTERS
 UNRELATED TO THE PROVISIONS OF THIS  SECTION,  INCLUDING  ANY  PERTINENT
 REGULATIONS OR OVERSIGHT REGARDING CYBERSECURITY REQUIREMENTS.
   § 2. This act shall take effect immediately.
 
 
 
 
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD15486-02-8

co-Sponsors

2017-A10486A - Details

See Senate Version of this Bill:: S7940
Law Section:: Insurance Law
Laws Affected:: Amd §1119, Ins L
Versions Introduced in Other Legislative Sessions:: 2019-2020: A1185
2021-2022: A749

2017-A10486A - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-A10486A - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                 10486--A
 
                           I N  A S S E M B L Y
 
                              April 30, 2018
                                ___________
 
 Introduced by M. of A. CAHILL, LUPARDO, LIFTON -- read once and referred
   to  the  Committee on Insurance -- committee discharged, bill amended,
   ordered reprinted as amended and recommitted to said committee
 
 AN ACT to amend the insurance law, in relation to authorizing continuing
   care retirement communities to adopt a written cybersecurity policy

   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Section  1119 of the insurance law is amended by adding a
 new subsection (d) to read as follows:
   (D) SUCH ORGANIZATION MAY ADOPT A WRITTEN CYBERSECURITY POLICY THAT IS
 DESIGNED TO PROTECT  THE  CONFIDENTIALITY,  INTEGRITY  AND  SECURITY  OF
 NONPUBLIC  INFORMATION AND IS IN COMPLIANCE WITH, THE HEALTH INFORMATION
 TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT ("HITECH"),  THE  HEALTH
 INSURANCE PORTABILITY AND ACCOUNTABILITY ACT ("HIPAA"), THE GRAMM-LEACH-
 BLILEY   ACT   AND   ALL  OTHER  APPLICABLE  CYBERSECURITY  AND  PRIVACY
 PROTECTIONS GOVERNING NURSING HOMES, ADULT CARE FACILITIES AND  ASSISTED
 LIVING  RESIDENCES.  THE CYBERSECURITY POLICY SHALL BE SELF-CERTIFIED BY
 SUCH ORGANIZATION AND SUCH SELF-CERTIFIED CYBERSECURITY POLICY SHALL  BE
 FILED WITH THE SUPERINTENDENT.  THE SELF-CERTIFICATION SHALL ATTEST THAT
 THE POLICY PROVIDES SUFFICIENT PROTECTIONS OF NONPUBLIC INFORMATION IN A
 MANNER  WHICH  IS  NOT  INCONSISTENT WITH THE GOALS OF THE CYBERSECURITY
 POLICIES ADOPTED BY FINANCIAL SERVICES COMPANIES PURSUANT TO REGULATIONS
 PROMULGATED BY THE  SUPERINTENDENT.  SUCH  SELF-CERTIFICATION  SHALL  BE
 DEEMED  COMPLIANT WITH SUCH REGULATIONS APPLICABLE TO FINANCIAL SERVICES
 COMPANIES. THE SUPERINTENDENT SHALL REVIEW THE ACCURACY AND  REASONABLE-
 NESS OF THE ATTESTATION. UNLESS THE SUPERINTENDENT OBJECTS TO THE ATTES-
 TATION WITHIN SIXTY DAYS FROM THE DATE IT IS SUBMITTED, SUCH ATTESTATION
 SHALL BE DEEMED APPROVED.
   § 2. This act shall take effect immediately.
 
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD15486-06-8

co-Sponsors

2017-A10486B (ACTIVE) - Details

See Senate Version of this Bill:: S7940
Law Section:: Insurance Law
Laws Affected:: Amd §1119, Ins L
Versions Introduced in Other Legislative Sessions:: 2019-2020: A1185
2021-2022: A749

2017-A10486B (ACTIVE) - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-A10486B (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                 10486--B
                                                            R. R. 122
 
                           I N  A S S E M B L Y
 
                              April 30, 2018
                                ___________
 
 Introduced by M. of A. CAHILL, LUPARDO, LIFTON -- read once and referred
   to  the  Committee on Insurance -- committee discharged, bill amended,
   ordered reprinted as amended and  recommitted  to  said  committee  --
   reported  and  referred  to  the  Committee on Rules -- amended on the
   special order of third reading, ordered reprinted as amended,  retain-
   ing its place on the special order of third reading
 
 AN ACT to amend the insurance law, in relation to authorizing continuing
   care retirement communities to adopt a written cybersecurity policy
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. Section 1119 of the insurance law is amended  by  adding  a
 new subsection (d) to read as follows:
   (D) SUCH ORGANIZATION MAY ADOPT A WRITTEN CYBERSECURITY POLICY THAT IS
 DESIGNED  TO  PROTECT  THE  CONFIDENTIALITY,  INTEGRITY  AND SECURITY OF
 NONPUBLIC INFORMATION AND IS IN COMPLIANCE WITH: (I) THE HEALTH INFORMA-
 TION TECHNOLOGY FOR ECONOMIC AND CLINICAL  HEALTH  ACT  ("HITECH"),  THE
 HEALTH  INSURANCE  PORTABILITY  AND  ACCOUNTABILITY  ACT  ("HIPAA"), THE
 GRAMM-LEACH-BLILEY ACT; AND (II) ALL OTHER APPLICABLE CYBERSECURITY  AND
 PRIVACY  PROTECTIONS  GOVERNING NURSING HOMES, ADULT CARE FACILITIES AND
 ASSISTED LIVING RESIDENCES TO THE EXTENT THE  PROTECTIONS  GOVERN  THOSE
 COMPONENTS  OF  SUCH ORGANIZATION'S OPERATIONS. THE CYBERSECURITY POLICY
 SHALL BE SELF-CERTIFIED BY SUCH  ORGANIZATION  AND  SUCH  SELF-CERTIFIED
 CYBERSECURITY  POLICY SHALL BE FILED WITH THE SUPERINTENDENT.  THE SELF-
 CERTIFICATION  SHALL  ATTEST  THAT  THE   POLICY   PROVIDES   SUFFICIENT
 PROTECTIONS OF NONPUBLIC INFORMATION IN A MANNER WHICH IS NOT INCONSIST-
 ENT  WITH  THE  GOALS OF THE CYBERSECURITY POLICIES ADOPTED BY FINANCIAL
 SERVICES COMPANIES PURSUANT TO REGULATIONS  PROMULGATED  BY  THE  SUPER-
 INTENDENT.  SUCH  SELF-CERTIFICATION SHALL BE DEEMED COMPLIANT WITH SUCH
 REGULATIONS APPLICABLE TO FINANCIAL SERVICES COMPANIES. THE  SUPERINTEN-
 DENT  SHALL  REVIEW  THE ACCURACY AND REASONABLENESS OF THE ATTESTATION.
 UNLESS THE SUPERINTENDENT OBJECTS TO THE ATTESTATION WITHIN  SIXTY  DAYS
 FROM  THE  DATE  IT  IS  SUBMITTED,  SUCH  ATTESTATION  SHALL  BE DEEMED
 APPROVED.
   § 2. This act shall take effect immediately.

  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD15486-10-8

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Assembly Bill A10486

Share this bill

Sponsored By

CAHILL

Archive: Last Bill Status - Vetoed by Governor

Bill Amendments

co-Sponsors

Donna Lupardo

Barbara Lifton

2017-A10486 - Details

2017-A10486 - Summary

2017-A10486 - Bill Text download pdf

co-Sponsors

Donna Lupardo

Barbara Lifton

2017-A10486A - Details

2017-A10486A - Summary

2017-A10486A - Bill Text download pdf

co-Sponsors

Donna Lupardo

Barbara Lifton

2017-A10486B (ACTIVE) - Details

2017-A10486B (ACTIVE) - Summary

2017-A10486B (ACTIVE) - Bill Text download pdf

Comments