Amy Crafts writes: Massachusetts’s new data security regulations, effective as of March 1, 2010, currently set forth the country’s most stringent requirements for protecting data. Extending beyond what is required by other states, Massachusetts specifies that, for example, covered entities must implement a written information security program and must encrypt personal information that will be…
Category: Breach Laws
German court orders wireless passwords for all
Kirsten Grieshaber of the Associated Press reports: Germany’s top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data. Internet users can be fined up to euro100 ($126) if a third party takes advantage of their…
Mexico Passes Sweeping New Law on Data Protection
Jeremy Mittman writes: On April 27, 2010, a sweeping new law on data protection was passed by the Mexican Senate, clearing the way for the President to sign the landmark legislation, which provides for penalties up to an astounding $1.5 million for violations under the law. The new Federal Law for the Protection of Personal…
New breach notification requirements in effect in Canada
From the Office of the Privacy Commissioner of Alberta: Amendments to the Personal Information Protection Act (PIPA) were proclaimed in force on May 1, 2010, and added a new requirement for organizations to notify the Information and Privacy Commissioner of incidents “involving the loss of or unauthorized access to or disclosure of personal information where…
Guernsey: Data protection law amended to include prison time
Michael Adkins of Collas Day summarizes amendments to the Data Protection (Bailiwick of Guernsey) Law. According to Wikipedia, Guernsey is a possession of the UK and not part of the UK nor part of the EU. Of particular interest to me in their amendments: Section 55(2) has been amended to offer further exemptions to people…
Last State Without a Breach Notice Law? Not Mississippi
Tanya Forsheit reports: Yesterday, Mississippi Governor Haley Barbour approved Mississippi’s first breach notification law, House Bill 583, leaving only four states without a notification law (Alabama, Kentucky, New Mexico, and South Dakota). Read more on InformationLawGroup. The law goes into effect July 1, 2011.