The New York State Stop Hacks and Improve Electronic Data Security (SHIELD) Act is a data privacy and cybersecurity law that was passed in 2019. The law applies to any person or business that owns, licenses, or maintains computerized data that includes private information of New York residents. It requires such businesses to implement reasonable data security measures to protect that information. This includes implementing administrative, technical, and physical safeguards to protect against unauthorized access, use, and disclosure of private information. The law also imposes new breach notification requirements and expands the definition of private information to include biometric information and usernames and passwords used to access online accounts.
Overall, the NY Shield Act is designed to help protect the personal and private information of New York residents by ensuring that businesses are taking appropriate steps to safeguard this information. By implementing the required data security measures and following the breach notification requirements, businesses can avoid potential fines and other legal consequences for failing to protect private information.
Accutive Security can assist businesses in complying with the NY Shield Act and other relevant data privacy and cybersecurity laws. Our team of experts can conduct security assessments, develop risk management plans, assist with security policy development, and help businesses plan and prepare for potential data breaches. With Accutive Security’s help, businesses can ensure that they are fully compliant with the NY Shield Act and other relevant data privacy and cybersecurity laws, and are taking the necessary steps to protect the personal and private information of their customers and employees.