X
    X
    X
    X

    New York Jumps on the Data Security Bandwagon

    Publications

    On June 17, the New York State Assembly passed the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD Act which will be enforced by the New York Attorney General.  This SHIELD Act should not be confused with Marvel’s Strategic Homeland Intervention Enforcement and Logistics Division also called S.H.I.E.L.D.  The SHIELD Act is awaiting the governor’s signature to become law.

    The SHIELD Act is New York’s latest data security law and is rather broad-sweeping following in the footsteps of other states’ data security laws requiring that any business which owns or licenses private information (PI) of a New York resident “shall develop, implement, and maintain reasonable safeguards to protect the security, confidentiality, and integrity of the private information including, but not limited to, disposal of the data.”  In addition, the SHIELD Act provides a safe harbor for businesses that adopt certain specified safeguards including, for example, implementation of “reasonable administrative safeguards,” “reasonable technical safeguards,” and “reasonable physical safeguards.”

    The SHIELD Act goes into effect on the ninetieth day after becoming a law save for the reasonable security requirement which is effective two hundred and forty days after becoming a law.

    Please look for our forthcoming publications providing more details on the SHIELD Act and how it stacks up compared to other states’ recent data security laws.

    The post New York Jumps on the Data Security Bandwagon appeared first on Insurance & Reinsurance.

    Explore Additional Topics

    Disclaimer

    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.