Why Pennsylvania Businesses Need to Know About the NY State SHIELD Act
Cybersecurity is not just a concern for major corporations, but any business that stores data. It’s been estimated that 43% of cyber attacks target small businesses. Your business may not hold large amounts of cash on a daily basis, but you probably store another commodity that is just as valuable — data. Any business that wants to be up to date with proper cybersecurity protocols should familiarize themselves with the NY SHIELD Act, even those that aren’t based in New York. Here is a look at this piece of legislation and why it’s important for Pennsylvania businesses to understand.
What Is the NY State SHIELD Act?
The New York Stop Hacks and Improve Electronic Data Security Act — also known as the SHIELD Act — is a law passed in 2019 that requires any business that owns or licenses the private information of New York State residents to implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of that information. Businesses with less than 50 employees or three million dollars in annual revenue in the past three years are required to take reasonable, administrative, technical, and physical safeguards to protect data. Larger businesses are required to follow a few additional steps to be compliant with the law.
Why Is It Necessary for Pennsylvania Businesses to Understand the NY SHIELD Act?
The NY SHIELD Act doesn’t just apply to businesses based in New York State, but any business that may own or license the data of a New York resident. Data could mean sensitive information like credit card or Social Security numbers, or it could be as simple as a telephone number or email address. Therefore, any business that has a customer base in New York must pay attention to the NY SHIELD Act to be in compliance with the law.
Even if you don’t do business in New York currently, you should still consider updating your cybersecurity protocols in case you decide to expand. With almost 20 million people living in New York State, it’s one of the largest markets on the East Coast, and you’re likely missing out on major opportunities if you don’t have the proper cybersecurity measures in place. Plus, the NY SHIELD Act sets forth smart protocols for protecting the data of all your customers, even though it’s only mandatory for those catering to New York residents. So, taking the necessary precautions can not only protect you from litigation, it can help you avoid a data breach that may threaten your business.
How Can Pennsylvania Businesses Be Sure They Are Compliant With the NY SHIELD Act?
The protocols set forth by the NY SHIELD Act aren’t all that complex, however, they do require the guidance of a professional IT consultant. If you are a small business that can’t afford an in-house IT department, managed IT services can be a cost-effective way to handle your cybersecurity needs. TREYSTA technology management is a company based in Central Pennsylvania that provides managed IT services to businesses in the area. If you need help understanding the NY State SHIELD Act and how it applies to your business, give them a call today. They are happy to help demystify this important piece of legislation and give you actionable tips on how to make your business compliant with the necessary protocols.
