The Human Element

What exactly is the New York State SHIELD Act?

Without always realizing, the average individual like myself shares private information any time they access social media, browse through Google, or make an online payment.

Thinking about who could have access to your private information can be pretty scary but, in March 2020, amid the chaos of the global pandemic the New York State SHIELD Act was put into effect.

Due to its timing, many businesses were and still are unaware of the SHIELD Act and what exactly it entails. The purpose of the act is to enhance and amend the previous data breach notification law. With the act now in full affect, all businesses in the state who employ and have access to client’s private information are required to implement safeguards that will protect these individuals and their private information. The law covers any New York State resident.

A Look Into the World of Technology

The biggest piece of private information that businesses hold are social security numbers but most people are unaware that private information also includes a driver’s license number, credit or debit card number, financial account number, biometric information and more.

According to the state, a company is in compliance with the SHIELD Act if they implement administrative, physical, and technical safeguards. Administrative safeguards can include conducting risk assessments, training employees in security programs and procedures, and selecting a vendor to assist with putting these safeguards in place.

Physical safeguards include creating a system within your company that prevents, detects, and responds to any physical intrusions. In addition to preventing intrusions, companies must implement a program that properly and safely disposes of private information within a reasonable time frame. Lastly, technical safeguards put in place must be able to identify risks in the network and software design as well as in information processing, transmission, and storage.

For small businesses, especially those in the North Country, the SHIELD Act can definitely sound alarming and overwhelming. However, small businesses with less than 50 employees and make less than $3 million in yearly revenue are able to implement safeguards that are appropriate for the size and operation of their businesses. Locally, LayerEight is able to help small businesses navigate the new law and put the needed procedures in place to keep business owners and their employees safe.

About The Author

Olivia MetchickOlivia Metchick is a marketing major and public relations minor at SUNY Plattsburgh. In addition to being a member of Sigma Delta Tau sorority and Shine On (a nonprofit organization that is dedicated to making young girls more resilient and confident as they navigate middle school and beyond) Olivia enjoys skiing and spending time with family.