Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

SHIELD Act in New York Protects Citizens from Identity Theft and Data Breaches

Date: 08/12/2019

Consumers have a new law in New York to thank for providing additional protection from identity theft and data breaches. The SHIELD Act, which was passed by the state legislature in June in response to the rash of record-breaking data breaches and updated regulations, spells out how companies must respond when a breach event occurs. The new law in New York even applies to businesses outside of the state. If the victims of the breach are New Yorkers, the company must comply with the steps outlined in the law no matter where they are located. This can have a domino effect of sorts since disclosing the breach to those residents can help make consumers in other states aware that a breach has occurred, even if they are not going to be receiving notification letters due to their locations.

Moreover, the SHIELD Act in New York will cover biometric data, not just personal identifiable information like Social Security numbers or usernames and passwords. If a company gathers and stores things like fingerprints or blood type, that information is now considered worthy of triggering a data breach notification. In the past, different states have had different rules on what requires a notification letter, and until now, biometric data was not included in New York.

Further, the SHIELD Act will require companies to inform victims as quickly as possible that their information was compromised. If there are more than 500 victims from New York the company is also required to inform the state’s Attorney General’s office. It also outlines which types of information require a notification letter, such as email addresses and passwords, birthdates and SSNs. The SHIELD Act signed last week by Governor Cuomo, goes into effect in March 2020. It is based on a lot of consumer protection concepts that were put into place in Europe under the GDPR regulations that were enacted last year.

The SHIELD Act in New York was also inspired in part by the Equifax data breach from a year ago, an event in which 147 million consumers had their complete identities stolen by hackers. For its part, Equifax has now launched its claims website for consumers to find out instantly if their information has been compromised. If it has, the steps for filing a claim and seeking compensation are included on the site. The claims site can be found at EquifaxBreachSettlement.com.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. 

You might also like…

How to File an Equifax Claim for Data Breach Settlement

How To: Place a Free Credit Freeze

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.