New York SHIELD Act Compliance

data shield

In New York, the Stop Hacks and Improve Electronic Data Security (SHIELD) Act was signed into law on July 25, 2019 to take effect from 23rd October 2019. The SHIELD law enhances the definition of a data breach, and increases the categories of data companies need to protect.

Any business that collects the data of New York citizens must comply with this law no later than March 21, 2020. Under SHIELD, fines for not taking sufficient steps to protect customer data have also increased, in a state that is proactive at prosecuting businesses for data breaches.

Are both your business and IT systems compliant with SHIELD?

Let our Northern Star superhero team put your mind at ease and see how we can verify compliance in only 30 days, for a one-off fee.

If your systems and processes aren’t compliant, we are here to implement any remediation required, to get you ready for the March 21, 2020 deadline and avoid a potential $250,000 fine.

What is the SHIELD Act?

Despite layers of federal and state data protection laws, the SHIELD Act goes further. Every company that does business in New York State, and collects New York citizens data needs to comply with the SHIELD Act.

Businesses have until March 21, 2020, to ensure compliance and we have experts with the right tools to find out if your company is compliant in only 30 days.

And if you aren’t, we can quickly put security systems in place that will remediate any security weaknesses. Protect your companies reputation and avoid the risk of fines and damaging lawsuits.

What is new about the SHIELD Act?

  • Data security breach notification requirements are expanded. Under the protection of SHIELD every business that collects the data of New York citizens need to be compliant with this law. Wherever your company is based.
  • SHIELD changes the definition of a data breach. Other laws only require companies to notify customers in the event of a third-party actively acquiring personal data. Now, even if the data was only accessed and not taken, your customers need to be notified.
  • More data is protected under this law than any other similar legislation. SHIELD has increased the scope of what comes under its protection. Now the following needs to be protected:
  • Biometric information;
  • Email addresses and passwords;
  • Security questions and answers;
  • Social Security numbers;
  • Driver’s license details, and other ID card details;
  • Bank account numbers, and any other payment information.

SHIELD means business. More data to protect, and a broader scope of what classes as a data breach. All of this is good news for customers. But it does mean businesses need to work harder to verify and maintain compliance.

How Northern Star can help with SHIELD compliance

Work with our superhero team for 30 days. At the end of the assessment, we produce a report which either confirms compliance with the SHIELD law, or highlights where improvements are needed. This will cover:

  • IT Security Compliance;
  • Physical Security Compliance;
  • HR Compliance;
  • Training.

Once the report is produced, we can work with you to put any new safeguards, systems, hardware or training in place to prevent data breaches.

If this sounds like something your company needs, in 30 days or less, we can verify and report on your level of compliance with the SHIELD act for a fixed, one-time, investment of $4,995. (multiple locations PoA).

Why take the risk of a fine of $250,000?

Give our friendly team a call on (800) 274-9047 about SHIELD compliance today



Leave a Reply

Your email address will not be published. Required fields are marked *