SHIELD Act Raises Data Security Standards For New York
Posted in Data Destruction
6 March, 2019
The S.H.I.E.L.D Act (Stop Hacks and Improve Electronic Data Security Act), effective since January 2018, was created to enhance and improve data security in the New York area. This bill was meant to reduce the number of data breach occurrences of personal information within both larger and smaller companies; personal information meaning “any information concerning a natural person, which because of name, number, personal mark or other identifier, can be used to identify such a natural person.” Private information is personal information (like anything listed above) that is also used with someone’s social security number, drivers license, username or email that’s with a password or security question that would ultimately allow access to that person’s account. Ultimately, this act helps to raise the data security standards and requirements for companies to help better protect its New York residents.
The major aspects of the SHIELD Act include:
- Any person or entity that handles private information of New York residents whether or not you live directly in New York may still be subject to the law and must abide by its requirements.
- If an individual or company were to fail to comply with the data security requirements of the act, there could be a fine as high as $5,000 per violation or $20 per notification failure, which could get as high as a $250,000 fine.
- Requires all businesses to implement “reasonable” administrative, technical, and physical safeguards to protect sensitive data
- Somewhat relaxed standards for smaller businesses (less than 50 employees and under $3 mill in gross revenue)
The SHIELD act is definitely a great step in the right direction for the Greater New York Area and has heightened data security as a whole. Of course, it doesn’t prevent breaches from happening completely, but has enforced stricter rules that businesses must follow to decrease the number incidents. With the SHIELD Act or not, your data will always be at risk to some degree. That’s why Guardian is the best and only choice for protecting your data. Learn more about our services at https://www.guardiandatadestruction.com
We also recommned
5 ways to make Data Privacy Week 2023 a security win
How to make the most out of Data Privacy Day 2023 Is January 28th highlighted on your calendar? If not, it’s time to add the …
ESG and Electronic Data Destruction: It begins with Environment
Guardian’s commitment to ESG environmental impact and the business of electronic data destruction and e-waste
Who is responsible for your IT risk management? 7 stakeholders to consider.
How do you build a comprehensive IT Risk Management program that includes the right internal stakeholders who can identify the equipment, systems and vendors that …
Stay in the know
Get relevant information right in your inbox
We do not sell or share your information with anyone