NYS Agencies Urge New Yorkers to Secure Personal Data

In observance of Data Privacy Week, the New York State Office of Information Technology Services (ITS) and other State agencies today encouraged New Yorkers to protect their personal information online and urged both residents and businesses to take proactive steps to safely manage that data.

Aligned with this year’s theme, “Take Control of Your Data,” ITS, along with the Department of Taxation and Finance, Department of Financial Services, Division of Homeland Security and Emergency Services, and the Department of State are working together to raise overall awareness about the importance of data privacy. This includes sharing concrete steps to safeguard personal information, including adjusting privacy settings on applications and accounts, strengthening account security with robust passwords and multifactor authentication (MFA), and ensuring devices are protected with the latest security updates.

Data Privacy Week begins on January 27, with the goal to educate the public on how to manage personal information online safely and easily, as well as help businesses and other organizations understand the importance of data privacy for users and other stakeholders.

New York State was once again named a Data Privacy Champion this year by the National Cybersecurity Alliance, a non-profit organization that promotes cybersecurity and the safe use of technology. This designation recognizes the state’s commitment to encouraging and empowering individuals and organizations to respect data privacy and manage personal information more carefully. Last year, Governor Hochul signed into law the Child Data Protection Act, which ensures the privacy and protection of the personal data of New Yorkers under the age of 18.

ITS Chief Information Officer Dru Rai said, “Under Governor Hochul’s leadership, the State continues to emphasize just how important it is to protect the personal and confidential information of all New Yorkers. We believe that Data Privacy Week is not just a reminder, but also a call to action: empowering individuals and organizations alike to prioritize privacy, safeguard personal information, and ensure that trust remains the foundation of our digital future.”

ITS Chief Risk & Privacy Officer Michele Jones said, “As we embark on Data Privacy Week, it’s a crucial moment for both individuals and organizations to reflect on the importance of safeguarding personal information. This week serves as an important milestone in the defense of our personal privacy as a fundamental right. By prioritizing privacy, we build trust and create safer digital spaces, now and for the future.”

Online platforms retain and track the personal information of users, including names and payment information. Data privacy is crucial for protecting personally identifiable information (PII) from bad actors who would leverage this information for nefarious purposes, including identity theft.

New Yorkers can control how their data is collected and keep their personal information private and secure, with a few simple steps:

• Keep devices and applications up to date. Enable automatic updates when possible. Review and consider enabling additional security features built into mobile devices, such as programs that encrypt data and remotely eliminate saved date if the device is lost or stolen.
• Use long, unique and complex passwords for every account. Consider using passphrases made up of multiple short words that are easy to remember but difficult to guess. Avoid using famous or common phrases.
• Enable MFA on devices and accounts whenever possible. A password and another factor, such as a code from an app on your phone, make it much harder for unauthorized users to access your information.
• Be cautious with emails, texts and voicemails, especially unsolicited messages from unknown senders. Don’t open or click on suspicious attachments or links. When receiving a message claiming to be from a trusted organization, such as your bank, double-check that the sender is legitimate by checking the company’s website or calling their listed number directly.
• Limit the personal data collected by websites or mobile apps, including not allowing personal information, such as your email address, to be shared with third parties. Review an app’s privacy policies before downloading it and accepting the terms of service.
• Be mindful of the personal information you share on social media. Birthdates, telephone numbers, home addresses or photos that identify your job or hobbies could reveal answers to security questions that cybercriminals can use to access accounts and personal information.
• Consider connecting to the internet using a virtual private network, or VPN, to encrypt your data and mask your location for additional security.
• Be careful about conducting online activities when in public. Public wireless hotspots may not be secure and can potentially allow others to monitor online activity, especially if the network is unencrypted. Additionally, strangers can view your online activity by peeking at your screen, or “shoulder surfing.” Don’t access sensitive data, such as your bank account, in public.

Division of Homeland Security and Emergency Services Commissioner Jackie Bray said, “Technology is evolving and changing every day, creating new ways for your personal information to be compromised.  New Yorkers must remain vigilant about cybersecurity and protect their data online by taking simple steps to help keep their private information safe like creating intricate passwords and using secure servers.”

Department of Taxation and Finance Acting Tax Commissioner Amanda Hiller said, “Together with our partner agencies in state government, we take the threat of data security breaches very seriously, and you should, too. Do everything you can to shield your sensitive personal information from cyber criminals. Always keep your guard up. ”

Department of Financial Services Superintendent Adrienne Harris said, “Proper cybersecurity hygiene can protect consumers and uphold the integrity of the global financial system. Through the Department’s nation leading cybersecurity requirements, DFS remains steadfast in ensuring that financial services companies have the robust cybersecurity protocols in place to safeguard personal data in today’s interconnected world.”

Secretary of State Walter T. Mosley said, “With technology being used more than ever in our daily lives, it’s important for New Yorkers to take extra precautions to protect their personal data. Data Privacy Week is the perfect opportunity for consumers to refamiliarize themselves with online safety tips, strengthen the security of their accounts and make sure their devices are equipped with the latest updates to help prevent their information from being compromised.”

For more information on keeping data secure and other cybersecurity best practices, visit the ITS website.

About Data Privacy Week

Data Privacy Week began as Data Privacy Day in the U.S. and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.