The Stop Hacks and Improve Electronic Data Security (SHIELD) Act was introduced in November 2017 in response to the increasing number of data breaches and addresses major gaps in New York’s cybersecurity regulations. The SHIELD Act will impose fines of up to $5,000 per violation or $20 per instance of failed notification, not to exceed $250,000.
On June 5, New York Attorney General Barbara Underwood announced that various organizations had expressed support for the SHIELD Act. The AARP, Partnership for New York City, and Consumers Union have also shown support, and urge for the Act to be passed this year.
Prepare your organization for the SHIELD Act
The SHIELD Act addresses existing technologies, products, and practices that are used in data management, e.g. collection and storage. It requires organizations that maintain and process New York residents’ data, whether or not they are based there, to put in place administrative, technical, and physical information security measures. The standards are practical and correspond to the sensitivity of the data, as well as the organization’s size and complexity.
IT Governance can prepare your organization for the SHIELD Act
Download our free brochure ‘How to overcome your data security compliance challenges’.