Providing Compliance with All 46 State Laws
As of November 2010, 46 states have data breach legislation in place. In most of these states the laws have been on the books for several years – with very few amendments. But as the threat landscape continues to evolve and data breaches occur more frequently, recent legislation has become increasingly stringent and has expanded far beyond notification of affected parties, moving toward a preventative or proactive approach with requirements for protecting personally identifiable (PII) data, specifically providing safe harbor for encrypted data. The latest wave of legislation calls for businesses to comply with current Payment Card Industry Security Standards (PCI DSS).
Encryption Provides Exemptions in Many States
One constant in many of the state laws is a safe harbor provision, which provides an exemption to disclosure requirements and fines if PII and payment card data are encrypted. Liaison Protect™ is the software solution that can quickly and easily bring your organization into compliance with even the most stringent state laws. It’s an integrated encryption, tokenization and key management solution that is in production use protecting PII and reducing PCI DSS challenges for organizations around the world. Our customers have successfully passed hundreds of PCI DSS audits, and are increasingly protecting a wide range of PII such as passport, Social Security and National Insurance numbers; passwords; health records and more.
The evolution of state breach legislation makes it clear that laws are only getting more stringent when it comes to protecting PII. As a practical matter, businesses must comply with the laws in the most highly regulated state. This is especially the case for businesses that engage in interstate commerce or e-commerce. nuBridges offers a Resource Guide to help organizations easily navigate this maze through links to information about laws governing business dealings in the 46 states that have codified protection of personal information.