What is the New York State SHIELD Act?
This new law, passed in 2019, applies to all companies in New York State or ones outside that have NYS resident data.
This new law boosts the protection of consumer and employees’ private information and holds companies that do business within the state accountable for protecting this data. This law is meant to compliment existing federal and state protections which are already in existence, however, this New York law has a broader impact simply due to the size of the state and the number of employees and residents.
The SHIELD Act expands the definitions of a breach and private information and requires businesses to have specific controls in place for breach prevention, detection, and response
The NYS SHIELD Act has expanded definitions such as:
Businesses must take "Reasonable Safeguards"
Some key elements with relevance to HR stakeholders include the following: