Home - New York SHIELD Act Compliance


New York SHIELD Act Compliance

The most important point about the new NY Shield act is any business that holds private information of a New York resident - regardless of whether that organization does business in New York - is required to comply and fines can be hundreds of thousands of dollars.

On October 23, 2019 changes take place to New York’s data breach notification statute, to provide updated definitions and additional coverage.

New data security protections are effective on March 21, 2020.

SHIELD stands for Stop Hacks and Improve Electronic Data Security Act and was inspired by government and legal action against Equifax which ultimately cost the company billions of dollars.

It requires companies to comply with a reasonable security requirement. They must develop, implement, and maintain reasonable safeguards to protect the security, confidentiality, and integrity of the private information including, but not limited to, disposal of data.

There is also a new definition of private information - now included are account numbers, credit and debit card numbers, biometric information, user name/password combinations and more.

Companies must designate an employee or service provider to help them stay secure.

If a cybersecurity incident occurs and affects more than five hundred New York residents, written determination must be provided to the New York Attorney General within ten days after the determination.

The per-record beach fine is $20 and is capped at 12,500 records.

Reckless violations can cause a fine of up to $250,000.

The fine itself will likely be a small part of the cost of a breach. IBM research shows the average cost of a small business breach is $2.5 million. Typical breaches cause a loss in customers, lawsuits, business disruption and a lot more. We have sadly seen bankruptcy. The fine is an additional pain which must be endured. Also - cybersecurity insurance rates will likely increase dramatically as a result of a breach.

With so much at stake - companies can always benefit from a second opinion.

Apex Technology Services can help by providing IT consulting, cybersecurity and ongoing support services. We can help with establishing safeguards to protect the security, confidentiality, and integrity of the private information. We work in the most demanding financial and medical environments imaginable - where the threats are constant.

We are happy to assist in keeping your business running securely.

Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.


Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...



Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...



Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...


Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs

Contact us Now!