New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act took effect on March 21, 2020. It is designed to make sure that organizations do their due diligence to protect the private data they access that belongs to residents of New York state. This means implementing a range of cybersecurity safeguards, and, in the event of a failure, facing severe noncompliance fines.
Some small businesses or non-HIPAA subject medical practices may think that they don’t have to comply with SHIELD - but that’s not necessarily true.
After all, what you don't know about SHIELD could cost you - a lot.
Before the implementation of the NY SHEILD Act, you could have been subject to a $5,000 ($10 per instance) fine for failing to notify those affected by a breach. It would end up being whichever figure was higher, up to a total of $150,000.
With the SHIELD Act in effect, these fines are increased to $20 per incident with a maximum of $250,000. That’s not to mention that you could face a fine up to three years after an incident rather than two years.
Need a hand assessing your SHIELD compliance? You can partner with Globalquest Solutions, Inc. to have your compliance practices double-checked and your cybersecurity supported by the right technology.