Because the technique involves impersonating a trusted employee, the hacking method has the potential to be unusually effective.
The new policies, meant to protect elder privacy, have also drawn criticism because of the requirement that families notify care facilities before they install the camera.
The data privacy bill would give consumers the right to access and delete data collected about them, while the facial recognition legislation would regulate government use of the software.
A bill is currently before the state House that would ban government use of biometric technology until the legislature regulates how agencies can adopt it.
Some security experts and lawmakers have criticized the Department of Health and Human Services for failing to enforce privacy laws and fine organizations that did not protect patient records.
Created in the wake of a shooting at the Pittsburgh Tree of Life synagogue, the grant program opened its application process last week.
Weak passwords, insecure network services and a lack of secure update mechanisms top the list of risks for companies utilizing IoT technology.
The bipartisan measure would allow parents to delete information collected by companies about their kids and raise the age of parental consent protection from 13 to 16.
Airlines are also suspending flights to and from Iraq, Iran and other countries due to threats of missile attacks, one of which is suspected to have downed a Ukrainian passenger plane.
The Metropolitan Transportation Authority maintains that it has not used facial recognition on riders, but privacy advocates want records related to the technology the agency purchased.