Copeland News Alert: The NYS Shield Act 2020

Is your company SHIELD ready?

New York State is getting serious about cybersecurity. Their most recent action that was signed into law on July 25, 2019, is the New York State Stop Hacks and Improve Electronic Data Security Act or the SHIELD Act. Before the security requirements go into effect on March 21st, we want to make sure that your company is SHIELD ready.

Here are the key items about the SHIELD Act that we think you should know:

    • The SHIELD Act is an amendment to the NYS Breach Notification Law It places cybersecurity requirements on everyone in New York who owns or licenses Personally Identifiable Information (PII) of NY residents) — now, companies don’t just have to report breaches, they have to use “reasonable safeguards” to protect PII.
    • Being “in compliance with” HIPAA/HITECH, GLBA, or NYS DFS cybersecurity regulations allows you to establish that you have met the reasonable security requirement.

    Businesses also have to develop, implement, and maintain safeguards:

      • Administrative Safeguards including, but not limited to, vendor risk management and security program maintenance
      • Technical Safeguards like incident detection, prevention, and response
      • Physical safeguards that include disposing, or wiping, electronic media within a reasonable amount of time and intrusion detection, prevention and response

      There’s good news for small businesses (businesses with less than 50 employees or less than $3 million in revenue assets) get a reasonable and appropriate to the size and complexity of the business clause. While this isn’t an exemption, it does seem intended to allow flexibility in how smaller organizations implement cybersecurity.

      Interested in downloading the SHIELD Act in its entirety? Click here!

      Luckily, there is still plenty of time before March 21st to get your company’s ducks in a row. If you have any questions about the SHIELD Act, let us know! We will make sure that you get the answers you need. In the meantime, you can watch Eric’s full conversation with David Newell from Loptr for more information about the SHIELD Act.


      Posted on February 24, 2020. Categorized as .

Related Insights

What is vulnerability scanning?

March 29, 2023

Just because you’re not using an application doesn’t mean it’s not vulnerable. Vulnerability scanning is a platform that will look for weaknesses on the systems and hardware that live on your network…. Read more

Is your classic Antivirus Software Protection enough for today’s threats?

March 8, 2023

Endpoint Detection and Response is a next-generation tool similar to Antivirus (AVP) but uses AI features to detect threats on your system and recover from them. This software may also include a… Read more

Why you should off-board former users immediately

November 30, 2022

Why should you off-board users as soon as they are no longer with your organization? This is a very important process that helps keep your company assets secure from unauthorized access. It… Read more

Request More Info

Get in touch and determine where managed IT services fits with your business.
Request More Info Mini

Stay Up to Date

Get valuable technology and security insights sent directly to your inbox.
Mailing List Sign Up