What is the New York SHIELD Act?
The Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) was implemented by New York State. This protects and regulates the data security of New York State residents. Any business or organization that deals with the private electronic data of New York State residents must be compliant with the New York State SHIELD act. The primary purpose of the SHIELD Act is to impose more expansive data security. With more business transactions occurring online, protecting electronic customer data is critical. The New York State SHIELD Act offers new rules and compliance regulations to ensure client electronic data is properly protected.
How The New York State SHIELD Act Impact Buffalo & Niagara Businesses
If your business deals with the data of any New York Resident, then you must comply with the SHIELD Act. Any person or business which owns or licenses computerized data of a New York State resident must implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of that data. Even if your organization operates outside of New York State, but you have customers who do reside in New York State, you are required to have and stay compliant with, the SHIELD Act.
It is important that your company follows the law of the SHIELD Act when it comes to protecting “private information”. Private information of a customer residing in New York State may include personal information in combination with any one or more data elements that could be considered as identifiers of an individual. Such information includes a social security number, driver’s license number, account number, credit or debit card numbers, and biometric information.
The new law determines if there has been unauthorized access to the protected information. It also expands on the situations that could result in a breach of the security of the system. With that, the SHIELD Act also added a significant exception to the notification requirement and who to notify if a breach did in fact occur.
What Are Reasonable Administrative, Technical, And Physical Safeguards Suggested By The New York State SHIELD Act?
The SHIELD Act defines private information, breach of the security of the system, and breach notification requirements. Although the SHIELD Act does not specify what is considered to be reasonable administrative, technical, and physical safeguards, it does provide examples and suggestions of the kinds of safeguards businesses should be adopting. An example of a reasonable administrative safeguard would be to designate one or more individuals to be responsible for security programs. Assess risks in network and software design is considered to be an example of a technical safeguard. Finally, a physical safeguard could mean detecting, preventing, and responding to intrusions. There are more examples and suggestions of each of these outlined.
Who Should You Contact To Be SHIELD Act Compliant In Buffalo & Across Western New York?
Of course, when it comes to laws, being in breach could cause violations that have heavy penalties attached to them. A court-imposed penalty could carry up to a $250,000 fine. Make sure you hire the right IT company that understands the rules of the New York State SHIELD Act. At Globalquest & Solutions, we can help you with all your business needs, including compliance. We are here to ensure that you continue to protect important sensitive data as outlined under the New York SHIELD Act, you remain compliant, and you stay away from violations and penalties. Give us a call, or shoot us an email, today.