InfoSecCompliance (”ISC”) was recently asked by a prospective client to provide a summary of Nevada’s Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that incorporated the Payment Card Industry Data Security Standard (”PCI”). ISC decided to try something new and create a Frequently Asked Questions document around the PCI requirements contained in the Security Law. For better or worse (after sinking in 15 – 20 hours) ISC ended up doing FAQs for the entire Nevada Security Law. This turned out to be a much bigger work than originally anticipated, so ISC is going to do a five-part blog post series breaking down the Nevada Security Law into (hopefully) digestible parts.
This FAQ is broken down into six sections that will be posted over five posts over the next week or so. The postings will be broken down as follows:
Post One: The Basics of Nevada’s Security Law and Destruction of Records
Post Two: Security Breach Notice
Post Three: Required Security Measures
Post Four: Encryption and PCI Compliance
Post Five: Remedies, Penalties and Enforcement
Check the site for updates when the posts become available. Post One is available now.