New York State’s SHIELD ACT: Steps for Understanding and Compliance!
Cyber-attacks aimed toward business entities have gained massive traction in recent years, and with this, a higher data breach price tag has accompanied them. Data security regulation is a priority now more than ever. The 2019 Official Annual Cybercrime Report (ACR) predicts that businesses will fall for ransomware attacks every 14 seconds. Not to mention the evolution of all data attacks each year, which will cost an estimated $6 trillion in damages by 2021. Regulation of data protection and privacy is now a necessity to stay in business. New York State is making sure of that, with the signing of the Stop Hacks and Improve Electronic Data Security, also known as the SHIELD Act!
The SHIELD Act phase one went into effect on 10/23/2019 this section includes the mandated reporting of data breaches. However, the 03/21/2020 deadline is much more involved and includes a mandated plan in place for reasonable safeguards including administrative, technical and physical aspects.
The SHIELD Act expands current legislation to include broader definitions of both personal information and what constitutes a data breach. It also changes who must be in compliance, and the fines due for those who are not compliant.
The SHIELD Act changes:
The NYS Attorney General, from here on out will handle matters of non-compliance.
You’ll be subject to a penalty which has just increased from $150,000 to $250,000 maximum!
To be compliant with the SHIELD Act, you must first understand it!
Here are general guidelines to focus on:
At LACyber, we’re here to help make this process as streamlined as possible.
In order to ensure your organization will not face fines regarding non-compliance, schedule a free 10-15 minute phone consultation with us today! We will go over requirements for your specific organization/industry and suggest steps you can take towards compliance before the deadline.
CONTACT INFORMATION: 716-871-7040 SROZUMALSKI@LA-CYBER.COM