The chairman of the powerful U.S. Senate Judiciary Committee, Sen. Patrick Leahy, is trying—after two failed attempts—to get his data breach bill made into law. But even though his bill would answer the pleas of many retailers by creating one single national standard for handling major retail data breaches, the bill’s details don’t deliver the…
Category: Legislation
Germany adopts stricter data protection law
On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including marketing,…
Leahy reintroduces data breach bill
Senate Judiciary Chairman Patrick Leahy (D-Vt.) has reintroduced a data breach bill that would set tougher rules for government agencies and private sector firms regarding consumers’ personal information. This will be the third time around the block for the Personal Data Privacy and Security Act, which has cleared the Judiciary Committee, but never come to…
Missouri data breach notification law goes into effect soon
Perkins Coie has provided a short synopsis of key requirements of Missouri’s new data breach notification law, which goes into effect on August 28, 2009. ….. In addition to the more common elements of first name or initial and last name in combination with unencrypted Social Security Number, driver’s license number, financial account number, or…
FAQ on Nevada’s Security of Personal Information Law (NRS 603A)
InfoSecCompliance (”ISC”) was recently asked by a prospective client to provide a summary of Nevada’s Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that incorporated the Payment Card Industry Data Security Standard (”PCI”). ISC decided to try something new and create a Frequently Asked Questions document around the…
California dreaming
Just a pointer: Over on PogoWasRight.org, I’ve posted a commentary on what new breach data out of California’s health care sector might predict for when the HITECH Act goes into effect nationally.