On June 11, Connecticut SB949 became a Public Act, after being passed by both chambers of the state legislature. Governor Dannel Malloy can now either sign the bill or take no action for it to become law. SB949 will, among other provisions, require companies that experience a security breach requiring notice to individuals under Connecticut […]
Data Security
Alston & Bird issues a Privacy and Security ADVISORY on Russia’s new Data Localization Law
Today, Alston & Bird issued a Privacy and Security ADVISORY on Russia’s new Data Localization Law will take effect in September, 2015. Penalties for non-compliance can be severe, including suspension of offending websites. Our Privacy & Data Security Group gives details on the law, the compliance challenges facing U.S. companies, and the solutions available to them. […]
The FTC Announces It Will Host a “Start with Security” Initiative in September
On May 13, 2015, Federal Trade Commission Chairwoman Edith Ramirez announced that the FTC will host an initiative for its “Start with Security” program in September. The FTC unveiled the “Start with Security” program in March at the IAPP Global Privacy Summit. During the unveiling, FTC Bureau of Consumer Protection Director Jessica Rich stated that […]
Nevada Expands Definition of Personal Information In Data Security Statute
On May 13, Nevada Governor Brian Sandoval signed Assembly Bill 179, which expands the definition of personal information for purposes of Nevada’s data breach notification and data security law. Effective July 1, 2015, personal information will include an individual’s medical identification number or health insurance identification number and a user name, unique identifier or email […]
NAIC Publishes Principles for Effective Cybersecurity
The National Association of Insurance Commissioners (NAIC) Cybersecurity Task Force adopted Principles for Effective Cybersecurity Insurance Regulatory Guidance on April 16, 2015. The document identifies types of safeguards regulators expect insurers to have in place to protect consumers from cybersecurity breaches. The guiding principles are intended to establish insurance regulatory guidance that promotes coordination and […]