The New York electronic data security SHIELD Act went into effect on October 23. Now, the deadline for compliance with data security portions of the SHIELD Act is just weeks away: March 21, 2020. The SHIELD Act applies to virtually any business with New York resident clients/patients. Failure to comply can result in significant penalties to our clients.
Harris Beach partner Alan Winchester, leader of our Cybersecurity Protection and Response practice and member of our Health Care Industry Team, co-hosted a recent webinar that helps define what needs to be done to meet the new requirements. Alan examined the mandate from a legal perspective. Technical aspects were covered by security solution provider iV4 and its CTO, Michael Montagliano, along with Michael Compisi from Caetra.io, a privacy and data security company and Harris Beach subsidiary. Find a recording of the SHIELD Act webinar on our website.
The session covered:
• Why the SHIELD Act was created and who it applies to
• Specific requirements and deadlines
• Legal implications and penalties
• Security program requirements
• Control framework development
• Steps your organization needs to take and who can help
Please take a listen. The New York state health care industry — including those providing health services as well as vendors servicing the industry — must be ready to comply!