More data records have been exposed thus far in 2020 than in all of 2019. That’s a 273% increase from Q1 2019, which saw 4.1 billion records exposed.
States across the U.S. have begun to act by developing laws to ensure that businesses protect U.S. citizens’ personal information during these unprecedented times.
In March 2020, New York enacted one of the most aggressive state data breach notification laws in the United States, the “Stop Hacks and Improve Electronic Data Security” (SHIELD) Act. This law applies to any person or business (even those operating outside of New York) that collects and maintains New York residents’ “private information.”
The SHIELD Act requires companies to have comprehensive programming in place to prevent breaches, have training programs in place, and regularly monitor their controls for effectiveness. The SHIELD Act also significantly expands the definitions of a breach and private information, the companies the law applies to, and the reporting period.
As a result, businesses should re-assess their cyber security strategies for collecting, processing and storing consumer personal information. You must act today to comply. The upfront investment compared to the extreme recovery costs will prevent needless pain after the fact.
- Conduct a Security Risk Assessment
- Conduct a Penetration Test
- Prioritize Putting Security Controls in Place
- Watch our Webinar on Complying with the SHIELD Act
ACE IT Solutions’ team of cybersecurity risk management and compliance experts can help you through the process – from start to finish – so you will be in compliance with the New York SHIELD Act. Call 646.558.5575 or email firstname.lastname@example.org to set up a compliance consultation.