The NY State SHIELD Act

Information technology is a constant of almost every business in the modern world. Commercial entities rely on doing business electronically, whether that’s managing the internals of operations or building virtual bridges of enterprise throughout the world. So, when New York enacted laws to secure and solidify electronic communications and processes, it may have been a brilliant gift many companies never saw coming.

On March 21, 2020, the state of New York passed legislation that improved data security, helping to prevent hacks and data breaches. This is known as the NY State SHIELD Act. If you are unfamiliar with this recently enacted law, it is time to brush up and take action. Here is what you need to know about the NY State SHIELD Act.

YouTube video

Who Needs It?

Anyone that conducts business within the state of New York needs to adhere to the NY State SHIELD Act. The generalized definition requires any virtual data transmitted by and through all entities within the state to have a certain standard of secured safeguards in place before sharing the information. In a nutshell, if a company sends or receives data, its security processes must be in line with the NY State SHIELD Act. Yes, there is a compliance measure that is required by state law. So, what happens if a company fails to adhere to the state’s requirements?

Non-Compliance Gets Pricey

Driven by the widespread and numerous Equifax data breaches in recent years, New York’s legislators drew a harder line to enact the NY State SHIELD Act. When it finally passed in March, so did a set number of penalties for companies that didn’t comply with it. Generally, a company can be required to pay up to $5000 per violation. Despite the size of a company, paying that much for each violation quickly adds up and could do a lot of damage, particularly for smaller businesses. While it has only been in place since March, being non-compliant with the SHIELD Act can have dire consequences for any business conduction business within New York or with New York state.

Is Your Company Compliant?

Does your company have fewer than 50 employees and has generated less than 3 million dollars of revenue within the past three years? If you thought “yes,” then you need to be in compliance with the SHIELD Act. Does your company have more than 50 employees and has generated more than 3 million dollars of revenue within the past three years? If that answer is “yes,” then your compliance requires even more adherence.

New laws that require compliance can be tricky, especially when dealing with out-of-state companies. When legislation is new, there is often a learning curve to navigate murky legal areas. This is particularly true when a company uses IT services (which most do), but information technology is not the business’s specialty. However, that’s the perfect time to consider using a managed IT solutions service. Any and everything related to information technology, including newly enacted laws like the NY State SHIELD Act, is as important a service as any. If you need to understand what it takes to be compliant and then get to that destination, that’s where we come in. is a managed IT service company whose fundamental mission is to keep all companies, from startups to large corporations, on track. We provide services in The Carolinas, Texas, Georgia, Tennessee, Kentucky, Ohio, Illinois, Wisconsin, Delaware, and the tri-state area including Pennsylvania, New Jersey, and, of course, New York. We specialize in cybersecurity, IT solutions, and comprehensive industry solutions. If you need us, call us. We will be there to help keep your business safe.

Share the Post