On October 23, 2019, New York state's Stop Hacks and Improve Electronic Data Security (SHIELD) Act went into effect. The law broadens the state's existing breach notification laws and imposes new security obligations for companies doing business in New York, including an expanded focus on how companies handle biometric data. The SHIELD Act also applies to employee information, as long as there is at least one employee in New York state, regardless of the size or location of the company. As such, the law will have a significant impact on businesses across the country that have private information about consumers and employees based in New York.

This article is presented for informational purposes only and is not intended to constitute legal advice.