Copeland News Alert: The NYS Shield Act 2020

  Return to Insights

Is your company SHIELD ready?

New York State is getting serious about cybersecurity. Their most recent action that was signed into law on July 25, 2019, is the New York State Stop Hacks and Improve Electronic Data Security Act or the SHIELD Act. Before the security requirements go into effect on March 21st, we want to make sure that your company is SHIELD ready.

Here are the key items about the SHIELD Act that we think you should know:

    • The SHIELD Act is an amendment to the NYS Breach Notification Law It places cybersecurity requirements on everyone in New York who owns or licenses Personally Identifiable Information (PII) of NY residents) — now, companies don’t just have to report breaches, they have to use “reasonable safeguards” to protect PII.
    • Being “in compliance with” HIPAA/HITECH, GLBA, or NYS DFS cybersecurity regulations allows you to establish that you have met the reasonable security requirement.

    Businesses also have to develop, implement, and maintain safeguards:

      • Administrative Safeguards including, but not limited to, vendor risk management and security program maintenance
      • Technical Safeguards like incident detection, prevention, and response
      • Physical safeguards that include disposing, or wiping, electronic media within a reasonable amount of time and intrusion detection, prevention and response

      There’s good news for small businesses (businesses with less than 50 employees or less than $3 million in revenue assets) get a reasonable and appropriate to the size and complexity of the business clause. While this isn’t an exemption, it does seem intended to allow flexibility in how smaller organizations implement cybersecurity.

      Interested in downloading the SHIELD Act in its entirety? Click here!

      Luckily, there is still plenty of time before March 21st to get your company’s ducks in a row. If you have any questions about the SHIELD Act, let us know! We will make sure that you get the answers you need. In the meantime, you can watch Eric’s full conversation with David Newell from Loptr for more information about the SHIELD Act.

       

      Posted on February 24, 2020. Categorized as .

Related Insights

Is your business truly protected 24/7?

March 24, 2025

Is your business truly protected 24/7? A SIEM (Security Information and Event Management) solution is more than just a compliance tool—it’s a crucial asset for business security. ✅ Detect threats early, whether… Read more

Anti-Virus Software vs. Endpoint Detection and Response

February 26, 2025

Is your business still relying on outdated anti-virus software security? Traditional antivirus only stops known threats. EDR uses AI and real-time monitoring to detect and stop attacks before they spread, even if… Read more

What is vulnerability scanning?

March 29, 2023

Just because you’re not using an application doesn’t mean it’s not vulnerable. Vulnerability scanning is a platform that will look for weaknesses on the systems and hardware that live on your network…. Read more

Request More Info

Get in touch and determine where managed IT services fits with your business.
Request More Info Mini

Stay Up to Date

Get valuable technology and security insights sent directly to your inbox.
Mailing List Sign Up