NY SHIELD Act

Are you compliant?  The Stop Hacks and Improve Electronic Data Security Act, otherwise known as the SHIELD Act took effect on March 21, 2020. 

If you collect private data from NY residents, then the SHIELD Act may apply to you and/or your business.  Private data under the act includes social security numbers, driver’s license number, credit cards, bank accounts, biometrics, etc.  The Act also covers the collection of username/email address with passwords or security questions. Basically, anything that identifies a natural person resident of NY. The SHIELD Act also covers mandatory breach notification, which rules took effect on October 23, 2019.   

The SHIELD Act mandates the following:

“Any person or business that owns or licenses computerized data which includes private information of a resident of New York shall develop, implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information including, but not limited to, disposal of data.”

Best business practice is to have your Terms and Conditions of websites reviewed and updated as necessary to cover the SHIELD Act and other laws as applicable to your business.  Such review should take place at the time all marketing campaign materials are reviewed for Advertising Law compliance as well, preferably BEFORE launching the campaign publicly.  Any question? Feel free to contact me.

#substantiationequalstrust #transparencyformstrust #advertisingandmarketinglawyer #hispanicadvertisingandmarketingattorney