Senate Bill S7940A

Vetoed By Governor
2017-2018 Legislative Session

Relates to clarifying that continuing care retirement communities are not subject to certain cybersecurity regulations

download bill text pdf

Sponsored By

Archive: Last Bill Status Via A10486 - Vetoed by Governor


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Vetoed By Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions
Votes

Bill Amendments

co-Sponsors

2017-S7940 - Details

Law Section:
Insurance Law
Laws Affected:
Amd §1119, Ins L

2017-S7940 - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-S7940 - Sponsor Memo

2017-S7940 - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   7940
 
                             I N  S E N A T E
 
                              March 12, 2018
                                ___________
 
 Introduced  by  Sens.  SEWARD, AKSHAR -- read twice and ordered printed,
   and when printed to be committed to the Committee on Insurance
 
 AN ACT to amend the  insurance  law,  in  relation  to  clarifying  that
   continuing  care  retirement communities are not subject to department
   of financial services cybersecurity regulations
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Section  1119 of the insurance law is amended by adding a
 new subsection (d) to read as follows:
   (D) EXCEPT AS EXPRESSLY REQUIRED  BY  THIS  SECTION,  AN  ORGANIZATION
 AUTHORIZED  TO  OPERATE UNDER ARTICLE FORTY-SIX OF THE PUBLIC HEALTH LAW
 SHALL NOT BE SUBJECT TO  THE  JURISDICTION  OF  THE  SUPERINTENDENT  AND
 REQUIRED  TO  COMPLY WITH RULES AND REGULATIONS OF THE SUPERINTENDENT ON
 MATTERS UNRELATED TO THE PROVISIONS OF THIS SECTION, INCLUDING, BUT  NOT
 LIMITED  TO,  REGULATIONS  RELATING  TO  CYBERSECURITY  REQUIREMENTS FOR
 FINANCIAL SERVICES COMPANIES.
   § 2. This act shall take effect immediately.
 
 
 
 
 
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD15067-01-8



              

co-Sponsors

2017-S7940A - Details

Law Section:
Insurance Law
Laws Affected:
Amd §1119, Ins L

2017-S7940A - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-S7940A - Sponsor Memo

2017-S7940A - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  7940--A
 
                             I N  S E N A T E
 
                              March 12, 2018
                                ___________
 
 Introduced  by  Sens.  SEWARD, AKSHAR -- read twice and ordered printed,
   and when printed to be committed to  the  Committee  on  Insurance  --
   committee  discharged,  bill amended, ordered reprinted as amended and
   recommitted to said committee
 
 AN ACT to amend the  insurance  law,  in  relation  to  clarifying  that
   continuing  care  retirement communities are not subject to department
   of financial services cybersecurity regulations
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Section  1119 of the insurance law is amended by adding a
 new subsection (d) to read as follows:
   (D) EXCEPT AS EXPRESSLY REQUIRED  BY  THIS  SECTION,  AN  ORGANIZATION
 AUTHORIZED  TO  OPERATE UNDER ARTICLE FORTY-SIX OF THE PUBLIC HEALTH LAW
 SHALL NOT BE SUBJECT TO  THE  JURISDICTION  OF  THE  SUPERINTENDENT  AND
 REQUIRED  TO  COMPLY WITH RULES AND REGULATIONS OF THE SUPERINTENDENT ON
 MATTERS UNRELATED TO THE PROVISIONS OF THIS SECTION, INCLUDING, BUT  NOT
 LIMITED  TO,  REGULATIONS  RELATING  TO  CYBERSECURITY  REQUIREMENTS FOR
 FINANCIAL SERVICES COMPANIES.    SUCH  ORGANIZATIONS  SHALL  INSTEAD  BE
 SUBJECT  TO THE JURISDICTION OF THE DEPARTMENT OF HEALTH ON SUCH MATTERS
 UNRELATED TO THE PROVISIONS OF THIS  SECTION,  INCLUDING  ANY  PERTINENT
 REGULATIONS OR OVERSIGHT REGARDING CYBERSECURITY REQUIREMENTS.
   § 2. This act shall take effect immediately.
 
 
 
 
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD15067-02-8



              

co-Sponsors

2017-S7940B (ACTIVE) - Details

Law Section:
Insurance Law
Laws Affected:
Amd §1119, Ins L

2017-S7940B (ACTIVE) - Summary

Authorizes continuing care retirement communities to adopt a written cybersecurity policy and requires such policies to be self-certified and approved by the superintendent.

2017-S7940B (ACTIVE) - Sponsor Memo

2017-S7940B (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  7940--B
     Cal. No. 1387
 
                             I N  S E N A T E
 
                              March 12, 2018
                                ___________
 
 Introduced  by  Sens.  SEWARD, AKSHAR -- read twice and ordered printed,
   and when printed to be committed to  the  Committee  on  Insurance  --
   committee  discharged,  bill amended, ordered reprinted as amended and
   recommitted to said committee -- reported favorably from said  commit-
   tee,  ordered  to first and second report, ordered to a third reading,
   amended and ordered reprinted, retaining its place  in  the  order  of
   third reading
 
 AN  ACT  to  amend  the  insurance  law,  in relation to clarifying that
   continuing care retirement communities are not subject  to  department
   of financial services cybersecurity regulations
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. Section 1119 of the insurance law is amended  by  adding  a
 new subsection (d) to read as follows:
   (D) SUCH ORGANIZATION MAY ADOPT A WRITTEN CYBERSECURITY POLICY THAT IS
 DESIGNED  TO  PROTECT  THE  CONFIDENTIALITY,  INTEGRITY  AND SECURITY OF
 NONPUBLIC INFORMATION AND IS IN COMPLIANCE WITH: (I) THE HEALTH INFORMA-
 TION TECHNOLOGY FOR ECONOMIC AND CLINICAL  HEALTH  ACT  ("HITECH"),  THE
 HEALTH  INSURANCE  PORTABILITY  AND  ACCOUNTABILITY  ACT  ("HIPAA"), THE
 GRAMM-LEACH-BLILEY ACT; AND (II) ALL OTHER APPLICABLE CYBERSECURITY  AND
 PRIVACY  PROTECTIONS  GOVERNING NURSING HOMES, ADULT CARE FACILITIES AND
 ASSISTED LIVING RESIDENCES TO THE EXTENT THE  PROTECTIONS  GOVERN  THOSE
 COMPONENTS  OF  SUCH ORGANIZATION'S OPERATIONS. THE CYBERSECURITY POLICY
 SHALL BE SELF-CERTIFIED BY SUCH  ORGANIZATION  AND  SUCH  SELF-CERTIFIED
 CYBERSECURITY  POLICY SHALL BE FILED WITH THE SUPERINTENDENT.  THE SELF-
 CERTIFICATION  SHALL  ATTEST  THAT  THE   POLICY   PROVIDES   SUFFICIENT
 PROTECTIONS OF NONPUBLIC INFORMATION IN A MANNER WHICH IS NOT INCONSIST-
 ENT  WITH  THE  GOALS OF THE CYBERSECURITY POLICIES ADOPTED BY FINANCIAL
 SERVICES COMPANIES PURSUANT TO REGULATIONS  PROMULGATED  BY  THE  SUPER-
 INTENDENT.  SUCH  SELF-CERTIFICATION SHALL BE DEEMED COMPLIANT WITH SUCH
 REGULATIONS APPLICABLE TO FINANCIAL SERVICES COMPANIES. THE  SUPERINTEN-
 DENT  SHALL  REVIEW  THE ACCURACY AND REASONABLENESS OF THE ATTESTATION.
 UNLESS THE SUPERINTENDENT OBJECTS TO THE ATTESTATION WITHIN  SIXTY  DAYS
 FROM  THE  DATE  IT  IS  SUBMITTED,  SUCH  ATTESTATION  SHALL  BE DEEMED
 APPROVED.
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.