Lance's Corner

New York State Agencies Highlight Securing Personal Data

Jan 27, 2025

Per the notice below, multiple New York State agencies are highlighting securing personal data as part of Data Privacy Week.

NYS Agencies Urge New Yorkers to Secure Personal Data

State’s Residents and Businesses Encouraged to Commit to Securing their Data During Data Privacy Week

New York State Chief Risk and Data Privacy Officer Partners with State Agencies to Raise Awareness of Best Practices when Sharing Personal Data

In observance of Data Privacy Week, the New York State Office of Information Technology Services (ITS) and other State agencies today encouraged New Yorkers to protect their personal information online and urged both residents and businesses to take proactive steps to safely manage that data.  Aligned with this year’s theme, “Take Control of Your Data,” ITS, along with the Department of Taxation and Finance, Department of Financial Services, Division of Homeland Security and Emergency Services, and the Department of State are working together to raise overall awareness about the importance of data privacy.  This includes sharing concrete steps to safeguard personal information, including adjusting privacy settings on applications and accounts, strengthening account security with robust passwords and multifactor authentication (MFA), and ensuring devices are protected with the latest security updates.  Data Privacy Week begins on January 27, with the goal to educate the public on how to manage personal information online safely and easily, as well as help businesses and other organizations understand the importance of data privacy for users and other stakeholders.  New York State was once again named a Data Privacy Champion this year by the National Cybersecurity Alliance, a non-profit organization that promotes cybersecurity and the safe use of technology.  This designation recognizes the state's commitment to encouraging and empowering individuals and organizations to respect data privacy and manage personal information more carefully.  Last year, Governor Hochul signed into law the Child Data Protection Act, which ensures the privacy and protection of the personal data of New Yorkers under the age of 18.

ITS Chief Information Officer Dru Rai said, "Under Governor Hochul’s leadership, the State continues to emphasize just how important it is to protect the personal and confidential information of all New Yorkers.  We believe that Data Privacy Week is not just a reminder, but also a call to action: empowering individuals and organizations alike to prioritize privacy, safeguard personal information, and ensure that trust remains the foundation of our digital future.”

ITS Chief Risk & Privacy Officer Michele Jones said, “As we embark on Data Privacy Week, it’s a crucial moment for both individuals and organizations to reflect on the importance of safeguarding personal information.  This week serves as an important milestone in the defense of our personal privacy as a fundamental right.  By prioritizing privacy, we build trust and create safer digital spaces, now and for the future.”

Online platforms retain and track the personal information of users, including names and payment information.  Data privacy is crucial for protecting personally identifiable information (PII) from bad actors who would leverage this information for nefarious purposes, including identity theft.  New Yorkers can control how their data is collected and keep their personal information private and secure, with a few simple steps:

  • Keep devices and applications up to date.  Enable automatic updates when possible.  Review and consider enabling additional security features built into mobile devices, such as programs that encrypt data and remotely eliminate saved date if the device is lost or stolen.
  • Use long, unique and complex passwords for every account.  Consider using passphrases made up of multiple short words that are easy to remember but difficult to guess.  Avoid using famous or common phrases.
  • Enable MFA on devices and accounts whenever possible.  A password and another factor, such as a code from an app on your phone, make it much harder for unauthorized users to access your information.
  • Be cautious with e-mails, texts, and voicemails, especially unsolicited messages from unknown senders.  Don’t open or click on suspicious attachments or links.  When receiving a message claiming to be from a trusted organization, such as your bank, double-check that the sender is legitimate by checking the company’s website or calling their listed number directly.
  • Limit the personal data collected by websites or mobile apps, including not allowing personal information, such as your e-mail address, to be shared with third parties.  Review an app's privacy policies before downloading it and accepting the terms of service.
  • Be mindful of the personal information you share on social media.  Birthdates, telephone numbers, home addresses, or photos that identify your job or hobbies could reveal answers to security questions that cybercriminals can use to access accounts and personal information.
  • Consider connecting to the internet using a virtual private network, or VPN, to encrypt your data and mask your location for additional security.
  • Be careful about conducting online activities when in public.  Public wireless hotspots may not be secure and can potentially allow others to monitor online activity, especially if the network is unencrypted.  Additionally, strangers can view your online activity by peeking at your screen, or “shoulder surfing.”  Don’t access sensitive data, such as your bank account, in public.

Division of Homeland Security and Emergency Services Commissioner Jackie Bray said, “Technology is evolving and changing every day, creating new ways for your personal information to be compromised.  New Yorkers must remain vigilant about cybersecurity and protect their data online by taking simple steps to help keep their private information safe like creating intricate passwords and using secure servers.”

Department of Taxation and Finance Acting Tax Commissioner Amanda Hiller said, "Together with our partner agencies in state government, we take the threat of data security breaches very seriously, and you should, too.  Do everything you can to shield your sensitive personal information from cyber criminals.  Always keep your guard up."

Department of Financial Services Superintendent Adrienne Harris said, “Proper cybersecurity hygiene can protect consumers and uphold the integrity of the global financial system.  Through the Department’s nation leading cybersecurity requirements, DFS remains steadfast in ensuring that financial services companies have the robust cybersecurity protocols in place to safeguard personal data in today’s interconnected world.”

Secretary of State Walter T. Mosley said, “With technology being used more than ever in our daily lives, it’s important for New Yorkers to take extra precautions to protect their personal data.  Data Privacy Week is the perfect opportunity for consumers to refamiliarize themselves with online safety tips, strengthen the security of their accounts and make sure their devices are equipped with the latest updates to help prevent their information from being compromised.”

For more information on keeping data secure and other cybersecurity best practices, visit the ITS website.

About Data Privacy Week

Data Privacy Week began as Data Privacy Day in the U.S. and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe.  Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

USDOL Issues Comprehensive Employer Guidance on Long COVID

The United States Department of Labor (USDOL) has issued a comprehensive set of resources that can be accessed below for employers on dealing with Long COVID.

Supporting Employees with Long COVID: A Guide for Employers

The “Supporting Employees with Long COVID” guide from the USDOL-funded Employer Assistance and Resource Network on Disability Inclusion (EARN) and Job Accommodation Network (JAN) addresses the basics of Long COVID, including its intersection with mental health, and common workplace supports for different symptoms.  It also explores employers’ responsibilities to provide reasonable accommodations and answers frequently asked questions about Long COVID and employment, including inquiries related to telework and leave.

Download the guide

Accommodation and Compliance: Long COVID

The Long COVID Accommodation and Compliance webpage from the USDOL-funded Job Accommodation Network (JAN) helps employers and employees understand strategies for supporting workers with Long COVID.  Topics include Long COVID in the context of disability under the Americans with Disabilities Act (ADA), specific accommodation ideas based on limitations or work-related functions, common situations and solutions, and questions to consider when identifying effective accommodations for employees with Long COVID.  Find this and other Long COVID resources from JAN, below:

Long COVID, Disability and Underserved Communities: Recommendations for Employers

The research-to-practice brief “Long COVID, Disability and Underserved Communities” synthesizes an extensive review of documents, literature and data sources, conducted by the USDOL-funded Employer Assistance and Resource Network on Disability Inclusion (EARN) on the impact of Long COVID on employment, with a focus on demographic differences.  It also outlines recommended actions organizations can take to create a supportive and inclusive workplace culture for people with Long COVID, especially those with disabilities who belong to other historically underserved groups.

Read the brief

Long COVID and Disability Accommodations in the Workplace

The policy brief “Long COVID and Disability Accommodations in the Workplace” explores Long COVID’s impact on the workforce and provides examples of policy actions different states are taking to help affected people remain at work or return when ready.  It was developed by the National Conference of State Legislatures (NCSL) as part of its involvement in USDOL’s State Exchange on Employment and Disability (SEED) initiative.

Download the policy brief

Understanding and Addressing the Workplace Challenges Related to Long COVID

The report “Understanding and Addressing the Workplace Challenges Related to Long COVID” summarizes key themes and takeaways from an ePolicyWorks national online dialogue through which members of the public were invited to share their experiences and insights regarding workplace challenges posed by Long COVID.  The dialogue took place during summer 2022 and was hosted by USDOL and its agencies in collaboration with the Centers for Disease Control and Prevention and the U.S. Surgeon General.

Download the report

Working with Long COVID

The USDOL-published “Working with Long COVID” fact sheet shares strategies for supporting workers with Long COVID, including accommodations for common symptoms and resources for further guidance and assistance with specific situations.

Download the fact sheet

COVID-19: Long-Term Symptoms

This USDOL motion graphic informs workers with Long COVID that they may be entitled to temporary or long-term supports to help them stay on the job or return to work when ready, and shares where they can find related assistance.

Watch the motion graphic

A Personal Story of Long COVID and Disability Disclosure

In the podcast “A Personal Story of Long COVID and Disability Disclosure,” Pam Bingham, senior program manager for Intuit’s Diversity, Equity and Inclusion in Tech team, shares her personal experience of navigating Long COVID symptoms at work.  The segment was produced by the USDOL-funded Partnership on Employment and Accessible Technology (PEAT) as part of its ongoing “Future of Work” podcast series.

Listen to the podcast

HHS OIG Issues Annual Report on State MFCUs

Per the notice below, the Office of the Inspector General (OIG) of the United States Department of Health and Human Services (HHS) has issued its annual report on the performance of state Medicaid Fraud Control Units (MFCUs).

Medicaid Fraud Control Units Fiscal Year 2023 Annual Report (OEI-09-24-00200) 

Medicaid Fraud Control Units (MFCUs) investigate and prosecute Medicaid provider fraud and patient abuse or neglect. OIG is the Federal agency that oversees and annually approves federal funding for MFCUs through a recertification process. This new report analyzed the statistical data on annual case outcomes—such as convictions, civil settlements and judgments, and recoveries—that the 53 MFCUs submitted for Fiscal Year 2023.  New York data is as follows:

Outcomes

  • Investigations1 - 556
  • Indicted/Charged - 9
  • Convictions - 8
  • Civil Settlements/Judgments - 28
  • Recoveries2 - $73,204,518

Resources

  • MFCU Expenditures3 - $55,964,293
  • Staff on Board4 - 257

1Investigations are defined as the total number of open investigations at the end of the fiscal year.

2Recoveries are defined as the amount of money that defendants are required to pay as a result of a settlement, judgment, or prefiling settlement in criminal and civil cases and may not reflect actual collections.  Recoveries may involve cases that include participation by other Federal and State agencies.

3MFCU and Medicaid Expenditures include both State and Federal expenditures.

4Staff on Board is defined as the total number of staff employed by the Unit at the end of the fiscal year.

Read the Full Report

View the Statistical Chart

Engage with the Interactive Map

GAO Issues Report on Medicaid Managed Care Service Denials and Appeal Outcomes

The United States Government Accountability Office (GAO) has issued a report on federal use of state data on Medicaid managed care service denials and appeal outcomes.  GAO found that federal oversight is limited because it doesn't require states to report on Medicaid managed care service denials or appeal outcomes and there has not been much progress on plans to analyze and make the data publicly available.  To read the GAO report on federal use of state data on Medicaid managed care service denials and appeal outcomes, use the first link below.  To read GAO highlights of the report on federal use of state data on Medicaid managed care service denials and appeal outcomes, use the second link below.
https://www.gao.gov/assets/d24106627.pdf  (GAO report on federal use of state data on Medicaid managed care service denials and appeal outcomes)
https://www.gao.gov/assets/d24106627_high.pdf  (GAO highlights on federal use of state data on Medicaid managed care service denials and appeal outcomes)

CMS Issues Latest Medicare Regulatory Activities Update

The Centers for Medicare and Medicaid Services (CMS) has issued its latest update on its regulatory activities in the Medicare program.  While dentistry is only minimally connected to the Medicare program, Medicare drives the majority of health care policies and insurance reimbursement policies throughout the country.  Therefore, it always pays to keep a close eye on what CMS is doing in Medicare.  To read the latest CMS update on its regulatory activities in Medicare, use the link below.
https://www.cms.gov/training-education/medicare-learning-network/newsletter/2024-03-14-mlnc