
SHIELD Act Raises Data Security Standards For New York
Posted in Data Destruction
Glenn Laga
6 March, 2019
The S.H.I.E.L.D Act (Stop Hacks and Improve Electronic Data Security Act), effective since January 2018, was created to enhance and improve data security in the New York area. This bill was meant to reduce the number of data breach occurrences of personal information within both larger and smaller companies; personal information meaning “any information concerning a natural person, which because of name, number, personal mark or other identifier, can be used to identify such a natural person.” Private information is personal information (like anything listed above) that is also used with someone’s social security number, drivers license, username or email that’s with a password or security question that would ultimately allow access to that person’s account. Ultimately, this act helps to raise the data security standards and requirements for companies to help better protect its New York residents.
The major aspects of the SHIELD Act include:
- Any person or entity that handles private information of New York residents whether or not you live directly in New York may still be subject to the law and must abide by its requirements.
- If an individual or company were to fail to comply with the data security requirements of the act, there could be a fine as high as $5,000 per violation or $20 per notification failure, which could get as high as a $250,000 fine.
- Requires all businesses to implement “reasonable” administrative, technical, and physical safeguards to protect sensitive data
- Somewhat relaxed standards for smaller businesses (less than 50 employees and under $3 mill in gross revenue)
The SHIELD act is definitely a great step in the right direction for the Greater New York Area and has heightened data security as a whole. Of course, it doesn’t prevent breaches from happening completely, but has enforced stricter rules that businesses must follow to decrease the number incidents. With the SHIELD Act or not, your data will always be at risk to some degree. That’s why Guardian is the best and only choice for protecting your data. Learn more about our services at https://www.guardiandatadestruction.com
We also recommned
IT Asset Manager’s Guide to a Hybrid Data Destruction Policy
IT Asset Managers (ITAMs) are Rock Stars. That’s how we see it. Along with everything else on their plate, they’re managing and documenting the data …
IT Asset Manager’s Guide to a Hybrid Data Destruction Policy Keep Reading >
Reduce Risk in Enterprise Data Destruction: Reset Data Center Factory Defaults
Data destruction for the enterprise goes far beyond shredding, wiping and degaussing of data storage. Once data destruction processes move from desktops and laptops, hard …
Reduce Risk in Enterprise Data Destruction: Reset Data Center Factory Defaults Keep Reading >
Reinforcing the Guardian Data Destruction Mission to be the Leading Provider of Onsite Data Destruction and IT Asset Services
Guardian Data Destruction’s mission is to be the leading provider of onsite data destruction and IT asset services. Our 2023 Annual Company Meeting, held March …
Stay in the know
Get relevant information right in your inbox
We do not sell or share your information with anyone