New York SHIELD Act – Small Business Exceptions
The New York State implemented updates to The Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) in March of 2021. The SHIELD Act basically states that any business or organization that deals with the private electronic data of New York State residents must be compliant. Any person or business owning or licensing computerized data of a New York State resident must implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of that data.
Are there any exceptions for small businesses in Buffalo?
In order to determine any exceptions for small businesses, we must define what is considered to be a small business. Under the SHIELD Act, a small business has fewer than fifty employees, less than three million dollars in gross annual revenue in each of the last three fiscal years, or less than five million dollars in year-end total assets.
There are no exceptions for small businesses in the breach notification rule of the SHIELD Act. If a small business experiences a breach of private information of New York State residents, the company must notify the affected persons. The persons or businesses must also notify the information’s owner or licensee. There is some relief for small businesses that are covered by the SHIELD Act. Covered businesses must maintain a security program and adopt reasonable administrative, technical, and physical safeguards made appropriate for the size and complexity of the small business, nature, and scope of the business’s activities, and the sensitivity of the personal information collected.
Can Globalquest ensure your Buffalo & Western New York business is SHIELD Act compliant?
Globalquest partners with our customers to educate, plan, implement and support information technology. We also understand the New York SHIELD Act inside and out. We can help you develop a system that will protect your customer’s private information, protects your organization’s continuity, and keeps you SHIELD compliant. We are here to help our clients optimize business performance, reduce operating costs, improve productivity, increase reliability, enhance security, and reduce risk. Reach out to us today for more information.