2020 is finally here, and for most of us, that means it’s time to reflect on the past year and think about whether or not we accomplished our goals. If we didn’t, we typically resolve to do better in the coming days. What better time than now to start thinking about data security? As cybercrime is evolving at a rapid rate, it’s important to ensure you’re doing everything possible to protect your patients’ information. Chances are, you’re already concerned with Health Insurance Portability and Accountability Act (HIPAA) compliance. But this year, there’s a new data security law coming into effect, and those in the healthcare industry will need to pay special attention to it.
New York’s SHIELD (Stop Hacks and Improve Electronic Data Security) Act comes into effect on March 21, 2020. Governor Cuomo, who signed the SHIELD Act into law on July 15, 2019, said, “As technology seeps into practically every aspect of our daily lives, it’s increasingly critical that we do everything we can to ensure the information that companies are trusted with is secure.”
He went on to explain the importance of the new law: “The stark reality is security breaches are becoming more frequent, and with this legislation, New York is taking steps to increase protections for consumers and holding these companies accountable when they mishandle sensitive data.”
The SHIELD Act focuses on ensuring companies better protect sensitive information belonging to residents of the state. Its reach extends beyond the state itself: ALL businesses and healthcare organizations that store or access information belonging to residents of the state must ensure the proper safeguards are in place to protect that information. Under the SHIELD Act, the definition of a breach has been expanded to include any sort of unauthorized access to digitized data that may compromise the integrity, security, and confidentiality of private information.
In addition, the definition of private information has been expanded to include the following:
If you’re HIPAA-compliant, you’re likely already compliant with the SHIELD Act. However, there are various elements of the bill that impact your healthcare organization. First and foremost, a distinction between private and health information is created, meaning private data refers to personal information, such as an identifiable link tied to Social Security numbers, debit card information, and other types of data. In addition, private information also refers to retinal scans or patient portals.
What does this mean? It means that if a breach occurs in which email addresses and passwords are exposed, it falls under this law. The biggest impact on healthcare organizations is with regard to the new reporting requirements.
Need help complying with the SHIELD Act? Call (631) 203-6403.
LI Tech Advisors is the top healthcare IT services company in Long Island, NY and surrounding areas.
Anthony has been in the MSP business since before the acronym existed. Managed IT started out as break-fix solutions and some light phone support.
Since then, he has seen the industry flourish into a landscape of platforms, cloud servers, software tools and AI, with network configurations and software stacks tailored to the specific needs of each business.
In his current role, he focuses on proactive planning, ensuring clients can avoid potential issues altogether. This involves meticulous planning for enhanced business continuity, allowing swift resolution of any unforeseen challenges. What initially began as addressing "fires" through break-fix solutions has evolved into a proactive approach, ensuring that such issues are prevented from arising in the first place.