NYS SHIELD ACT – Overview

 

The “Stop Hacks and Improve Electronic Data Security Act” (aka NYS SHIELD Act), was signed into law in July 2019, and fully takes effect on March 21, 2020. This law has several parts.

First, it broadens the definition of what data must be protected, to include “private information” in additional to “personal information”. This sounds insignificant, but has big implications which we’ll discuss in a future video.

SHIELD also broadens the definition of the term “Breach” to include unauthorized “access” to the data. Previously, NY laws considered it a breach only if data was copied or exfiltrated. And thirdly, SHIELD mandates that businesses that collect private information on New York State residents, must implement reasonable cybersecurity safeguards to protect that information.

The law describes the framework for these cyber security programs, which include implementing cyber security best practices similar to the ones other regulations require. Note that there is some flexibility in the law for smaller businesses to implement their Cyber Security program in a way that is appropriate to amount and sensitivity of the data that that business handles.

Fines for noncompliance with the law can be as high as $5000 per violation, up to $250,000 total.

While implementing SHIELD may feel like a burden for many businesses, it’s good to remember that this law was created for a reason.

Cyber Security attacks have been increasing drastically year over year. As a result, more data is being stolen today than ever before, and millions individuals are being personally affected as a result.

New York State is the fourth state to adopt these kinds of regulations to help protect its residents from becoming the victims of a cyber security attack. Many other states are currently considering similar legislation.

The only reasonable way to protect the sensitive data that your company collects is to implement cyber security best practices.

Thank you for reading this post, don't forget to subscribe!

Share

You may also like...

A picture depicting robotic process automation, RPA, in the healthcare industry.
IT Support

Why RPA Is Essential for the Healthcare Industry

Robotic process automation, or RPA, is an excellent means of streamlining workflows in a wide variety of businesses, and the healthcare industry is no exception. …

Read More →
IT employees providing help desk support.
Uncategorized

Help Desk Support: Let Professionals Do the Heavy Lifting

Key Takeaways: End-user support has become an integral part of most businesses. Before deciding whether to invest in a support desk system, you should gain …

Read More →
robotic process automation
IT Support

RPA – Robotic Process Automation

The global RPA (robotic process automation) market reached a value of $1.89 billion in 2021. Businesses are always looking for ways to grow and improve, …

Read More →