SHIELD act is a New York State law that came into effect on 23th of October 2019. It stands for ‘Stop Hacks and Improve Electronic Data’ it was signed into law on 25th of July 25th of 2019. Simply described, it is set of regulations that will help improve New York customers protect their data, their credentials and help minimize data breaches.
This law was created to update the existing cybersecurity and data protection laws because in this ever changing network security requirements, client’s data often is at risk. Definition of personal information is also expanded in this act and now the definition includes biometric information, name, email, passwords, personal address and credit card information among other.
If you are a business owner running a business in New York or you have customers from New York, then you should be looking into the following things
- Your data collection tools and your data security program should be revised
- Breach notification protocol and information should be according to regulations
- Data disposal policy should be put in place and updated according to SHIELD
- Your employees should be properly trained to minimize any chances of malware attack.
- Both on-premise and off-premise security should be double checked and extra layers should be introduced.