New York


Data Privacy Services

Appolo Compliance collaborates with investment managers to support the ongoing maturity of their data privacy compliance programs.

New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act

The SHIELD Act strengthened New York’s breach notification law. Organizations who collect New York residents’ personal data must implement a data security program that provide reasonable safeguards to protect personal data.

New York Department of Financial Services (NY DFS Cybersecurity Regulations)

NY DFS established standard for financial services organization in New York. Organizations must report data security breaches to the Department within 72 hours of detection. Organizations must conduct risk assessments; maintain audit trails; dispose of data securely; limit access; develop a written cybersecurity policy; designate a Chief Information Security Officer; and abide by other best practices for cybersecurity.

General Data Protection Regulation (GDPR)

The General Data Protection Act (GDPR) became law in the European Union (EU) in May 25, 2018. The GDPR is a data protection and privacy regulation. The GDPR also establishes requirements for the transfer of personal data outside the EU.

Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) was enacted by the PCI Security Standards Council (PCI SSC) to combat financial fraud. PCI DSS created data protection minimum standards for businesses that process credit card data.

Regulation S-P

Regulation S-P requires registered broker-dealers, investment companies, and investment advisers to “adopt written policies and procedures that address administrative, technical, and physical safeguards for the protection of customer records and information.”

Gramm-Leach-Bliley Act (GLBA)

GLBA applies to financial institutions. GLBA regulates financial institution management of nonpublic personal information defined as personally identifiable financial information provided by a consumer to financial institution.

California Consumer Privacy Act (CCPA)

The CCPA became law in California on June 28, 2018. The CCPA gives consumers more control over the personal information that businesses collect about them. Moving forward, businesses that target California residents must protect certain consumer privacy rights.

Serving New York City Businesses

Appolo Compliance is committed to helping investment advisers in the New York City area comply with data privacy and cybersecurity laws and regulations.

About New York

New York City is a global hub for culture, financial services and media. Recently, New York City has also emerged as a tech hub. Many Fortune 500 companies are headquartered in New York City.