New York Data Security Law Cracks Down on a World of Threats

Employment Resources

January 29, 2020 suzi No Comments

New York Data Security Law Cracks Down on a World of Threats

On July 25, 2019, the Governor of New York signed a law that would alter the way in which companies in New York could hold and secure the private information of its residents. Known as the Stop Hacks and Improve Electronic Data Security Act (The “SHIELD Act”), this new law expanded the definition of a security breach, offering more security to the consumer. In the previous version of the act, a “breach” simply meant to access data in an unauthorized manner. Now the meaning is more broad, allowing the consumer to more privacy as well as forcing the reporting agency, or any company holding information for that matter, to utilize more secure methods of information storage and follow stricter guidelines of compliance.

The SHIELD ACT made some significant changes to the original law, those being

Changes to the definition of “Private Information”
“Private information” now includes; an individuals account number, credit/debit card number, banking security code or password, biometric data (biometric data being data electronically measured and stored to determine an individual’s unique traits ie. Fingerprinting, DNA testing),
Changes to the meaning of “Breach”
A “breach” is now defined as the unauthorized access of information as well as the access of computer data that ultimately risks the security and confidentiality of private information of the consumer; information that companies should be trying to protect!
Widening the scope of the law:
The law previously only applied to those conducting business in New York. Now it means that anyone, whether private or a business, who owns or distributes private information of a resident of New York State is required to follow these rules.
Creating security requirements –
Companies are required to adopt security measures to protect the information that they obtain and redistribute. They are now required to utilize security programs, employee training and destroy data in a timely manner. Last October, on the 23rd, it became a requirement for companies operating to notify those affected by a potential breach. On May 21st, 2020, the data security measures will be mandatory.

What could this mean for the future? Ideally, companies would be held to a higher standard of accountability when it comes to the storage and acquisition of private, sometimes sensitive information.

For some good security tips, check out October’s Tip of the Month highlighting data security!

Certifications and Registrations.

Employers Choice Screening is a national employment background screening, and compliance training company headquartered in California with multiple certifications and registrations. We welcome the opportunity to work with chief procurement officers and diversity supply chain procurement managers to bid on RFPs and respond to RFQs for employment background screening, drug testing, and mandated employee compliance training services.

New York Data Security Law Cracks Down on a World of Threats

Employers Face Challenges with FCRA Lawsuits on the Rise

COVID-19 Court Closures

Recent Posts

The Case Against Social Media Searches

Should We Re-Screen Furloughed Employees?

Virginia joins ranks of CROWN Act

Florida Governor Signs Mandatory E-Verify Law

Categories

Certifications and Registrations.