Categories & Search

New York AG Throws Support Behind Proposed SHIELD Act

It didn’t take long for New York’s interim Attorney General to send a strong message to the business community about the importance of data security.

In a press release yesterday, interim New York Attorney General Barbara Underwood threw her support behind New York’s proposed SHIELD Act – Stop Hacks and Improve Electronic Data Security – which was introduced late last year and imposes data security safeguard requirements on businesses that hold sensitive information of New York residents. 

We’ve previously blogged about the proposed law on several occasions. If enacted, the new law will raise the bar on New York’s existing data security laws and impose a legal responsibility on businesses to adopt “reasonable” cybersecurity practices, and expand the types of data that trigger state data breach reporting requirements.

Yesterday’s statement also noted that The Partnership for New York City, AARP and the Consumers Union support the bill.

“It’s time for Albany to bring our laws into the 21st century and ensure that New York families and businesses are not needlessly victimized by weak data security and criminal hackers,” said Underwood.

In addition, the AG’s office released a “Small Business Guide to Cybersecurity in New York State,” which offers information about basic cybersecurity practices and data breach response to small business owners. The guide identifies 10 key practices related to password protection, the use of anti-virus software, file backups and data retention policies, phishing threats, and access controls. The guide also provides tips for small businesses that believe they have suffered a data breach.

New York is joining a growing number of states that are ramping up efforts—and enacting new laws—to regulate cybersecurity within their borders.  California, Colorado and several other states have similar legislation.

We will continue to follow these issues on this blog.