SHIELD Act Raises Data Security Standards For New York

6 March, 2019

The S.H.I.E.L.D Act (Stop Hacks and Improve Electronic Data Security Act), effective since January 2018, was created to enhance and improve data security in the New York area.  This bill was meant to reduce the number of data breach occurrences of personal information within both larger and smaller companies; personal information meaning “any information concerning a natural person, which because of name, number, personal mark or other identifier, can be used to identify such a natural person.” Private information is personal information (like anything listed above) that is also used with someone’s social security number, drivers license, username or email that’s with a password or security question that would ultimately allow access to that person’s account. Ultimately, this act helps to raise the data security standards and requirements for companies to help better protect its New York residents.

The major aspects of the SHIELD Act include:

1. Any person or entity that handles private information of New York residents whether or not you live directly in New York may still be subject to the law and must abide by its requirements.
2. If an individual or company were to fail to comply with the data security requirements of the act, there could be a fine as high as $5,000 per violation or $20 per notification failure, which could get as high as a $250,000 fine.
3. Requires all businesses to implement “reasonable” administrative, technical, and physical safeguards to protect sensitive data
4. Somewhat relaxed standards for smaller businesses (less than 50 employees and under $3 mill in gross revenue)

The SHIELD act is definitely a great step in the right direction for the Greater New York Area and has heightened data security as a whole. Of course, it doesn’t prevent breaches from happening completely, but has enforced stricter rules that businesses must follow to decrease the number incidents.  With the SHIELD Act or not, your data will always be at risk to some degree. That’s why Guardian is the best and only choice for protecting your data. Learn more about our services at https://guardiandatadestruction.com