SHIELD Act Strengthens Data Breach Policies in NY

How New York is Shaking Up Cybersecurity

June 27, 2019

The Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act, was recently passed by the New York legislature. It updates the state’s breach notification laws and broadens the definition of what constitutes a "breach".

The bill, recently passed by the New York Legislature, would dramatically change the state's way of handling data breaches and would provide consumers with more transparency while imposing strict penalties on companies for suffering cyber attacks. States across the country have adopted or are actively seeking to adopt consumer privacy legislation.

SHIELD was first proposed by former Attorney General Eric Schneiderman in 2017 and is co-sponsore by Todd Kaminsky, NY State Senator, shortly after the massive Equifax data breach that affected close to 150 million consumers. SHIELD has undergone many revisions, but the bill:

expands the legal definition of what counts as data (including biometric data, email addresses, passwords and security questions)
expands what counts as a data breach (including unauthorized viewing and copying)
requires companies to implement more measures to protect consumer data, expands the current breach notification requirement and mandates that any person or enterprise affected by the breach be notified.

The New York Privacy Act, another recently introduced bill, seeks to go beyond what the California Consumer Privacy outlines by giving residents unprecedented options for consumers to take control over their data.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

SHIELD Act Strengthens Data Breach Policies in NY

Related Articles

Related Events

Report Abusive Comment