David Zetoony of Bryan Cave writes:
There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and practical strategies for managing compliance with them, are discussed in a Washington Legal Foundation Contemporary Legal Notes paper I authored, Data Privacy and Security Practical Guide for In-House Counsel.
Nonetheless the push continues to be a push for more regulation to make sure that the consumer data held by companies is secure.
Quantity does not, in this case, equal quality. In fact, it means the opposite.
Read more on Lexology to find out what Zetoony does recommend.