SAMR Inc.'s Albert Boufarah Warns Corporations to Protect Data as SHIELD Act is Signed Into Law
Monday, January 20, 2020 9:15 AM
LAKEWOOD, NJ / ACCESSWIRE / January 20, 2020 / Citing the New York state SHIELD Act that was recently signed into law, Albert Boufarah, Founder and President of SAMR Inc., one of the nation's premier fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company, has warned of an abruptly changing legal tightrope for all companies that manage customer information.
The recently signed law follows the GDPR trend of expanding who is covered under data protection regulations. For example, SHIELD covers all business types with private information (as opposed to federal laws like HIPAA and GLB that focus on specific business sectors). Also, as a direct result of this law, even businesses that are not located in the State of New York may be subject to fines. The SHIELD Act applies to all companies that have information that is applicable to any New York resident or entity.
"This expansive new legislation in New York is the continuation of a growing trend that has been sweeping the nation, and we've seen about 20 states passing similar laws with others having this in their pipelines," Boufarah says. "Major international companies like Google, Facebook and British Airways have incurred significant fines under GDPR regulations in Europe, and now companies here in America are subject to the same under New York's SHIELD Act. Companies are now facing more intense scrutiny than ever over their practices of managing digital data. The stern warning of holding companies liable threatens significant danger potentially forthcoming for corporations that don't perform their due diligence when it comes to protecting data from hackers and cybercriminals. These recent laws will be a linchpin for legislation to be eventually passed at the national level."
The SHIELD Act imposes specific data security requirements, including when it comes to mentioning disposal of devices that contain data. Under the legislation, businesses must make certain that their devices (as well as their partners in disposal service) have both technical and physical safeguards in place, indicating that all measures to curtail information getting into the wrong hands are being taken.
Boufarah noted that various cybercrimes are now at an all time high, and acknowledged that the hacking of physical hardware and devices is too often overlooked. He contends that the best defense against a potential breach (in concert with the aforementioned safeguards) is to ensure that data on discarded hardware & software is properly destroyed.
"Any piece of equipment should absolutely include total, physical data destruction, otherwise it is not being properly recycled," said Boufarah. "It's integral to assure guaranteed destruction. There are many companies that believe their data will be wiped when they drop their material off to be recycled and unfortunately, this does not always happen. In addition, unlawful & improper distribution of electronic waste to other nations has been an additional layer to the issue of hardware security since it all too often leads to the entire liquidation of the privacy of individuals & corporations."
SOURCE: Albert Boufarah