croom new

Why You Should Pay Attention to Data Security Notifications

Why You Should Pay Attention to Data Security Notifications

If you’ve watched the news lately, chances are you’ve seen the Equifax breach and the ridiculous fallout it has caused. Over 133 million personal records have been stolen. While it’s difficult not to feel individually victimized by such a breach, it’s important to remember that it’s often not your specific credentials targeted by hackers. Since businesses often hold onto valuable information, they have big crosshairs painted onto them. It doesn’t even stop there--any vendors or partners you deal with are also in danger of hacking attacks.

The Equifax breach, which resulted in 143 million records being stolen, has many people concerned about their data security and data breach notification laws--and rightfully so. One of the biggest points of contention with the Equifax breach was that it took so long for them to notify the public following the incident. We’re not here to argue the ethics of Equifax’s decision to withhold information on this breach--we just want to make sure that you understand the technicalities behind why it was acceptable for them to wait before notifying their customers.

State Laws
At the time of writing this, 47 of the 50 states in the United States have data breach laws, with the only holdouts being Alabama, New Mexico, and South Dakota. While Alabama and New Mexico have at least introduced bills regarding data security and notification, South Dakota has yet to do so.

Another issue comes from the fact that these laws are state-exclusive with no unifying standards. Therefore, the laws could be very different from state-to-state. For example, New York’s law demands that notification of a breach should be given as soon as possible and without any unreasonable delay. Wyoming’s laws, on the other hand, require that notice of the breach be reported within a reasonable amount of time that does not exceed 45 days after the company is made aware of the breach. Florida requires notification within 30 days.

These notification deadlines aren’t necessarily steadfast, either. Did you notice how each of them allows companies to delay notification if there is a valid cause? Depending on the state, there may be various reasons for delay in notification. For example, criminal investigations and national security are both perfectly valid reasons to keep a notification of a breach delayed.

Federal Laws
While there is no data breach law on the federal level, there are various industry-specific regulations. For example, there is the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA), both of which have specific data breach policies enforced by the federal government. Unfortunately, there is no federal law which spans a general data security policy, so states will be dealing with these issues in their own ways.

Due to Equifax being a financial institution, it’s expected to hold fast to the standards put into place by the GLBA. Since the GLBA doesn’t have a deadline to inform affected users, Equifax technically adhered to the regulations. In the eyes of the law, they did nothing wrong--even if they should have been morally obligated to inform users as soon as possible.

Even though there are different notification laws for each state, there are other aspects of data security laws that vary based on both the industry and the state vs federal level. Every state has different policies regarding who the laws affect, what exactly defines a breach, who must be notified, how they must be notified, how the laws are enforced (and penalized), and who is exempt from the law.

If you need to know more information about the data breach notification laws of your state, the National Conference of State Legislatures offers current laws for each state. Your business needs to know how it will be affected by a data breach. To learn more, reach out to Eclipse Integrated Systems at 800-340-0505.

Tip of the Week: How to Determine Which VPN is Bes...
Virginia To Upgrade Voting Machines. Hopefully Oth...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, September 23 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Business Computing Google Hackers Network Security Malware Internet Software Business Management User Tips Microsoft Hosted Solutions Tech Term Computer Innovation Productivity Backup Windows 10 Cybersecurity Productivity Business Efficiency Apps Managed IT Services Windows Mobile Devices Smartphones Email Browser Saving Money Hardware Virtualization Cybercrime Smartphone communications Data Recovery Law Enforcement VoIP Communication Collaboration Disaster Recovery Operating System Data Backup Passwords Internet of Things Small Business Workplace Tips IT Support Microsoft Office Business Continuity Android Ransomware Data Security Miscellaneous Holiday Server Mobility Gadgets Cloud Computing Network Office 365 Social Media Mobile Device Management Telephone Systems BDR IT Support Wireless Quick Tips Money Data Chrome Phishing Risk Management Application Information Technology App Update Cost Management Wi-Fi Users Password Employer-Employee Relationship Unsupported Software Health Best Practice Vulnerability Government Google Drive Social Outsourced IT IT Services User Error Patch Management Spam Work/Life Balance Alert Facebook Managed Service Provider Computers Windows 10 Two-factor Authentication Current Events Office tips Upgrade Hacking USB Shortcut Artificial Intelligence Antivirus Data Management Save Money Mobile Device Proactive IT Sports Identity Theft Managed IT Streaming Media Blockchain Politics Automation Bandwidth Gmail SaaS Commerce End of Support Battery Tech Support Data Storage Computer Care Television Marketing Private Cloud Transportation Data Protection Maintenance Internet Exlporer iPhone Managing Stress The Internet of Things HaaS Wireless Technology Hosted Solution Automobile Office Excel Networking Meetings Storage Personal Information Samsung OneNote Mobile Security VPN Going Green Cleaning Legal Information Social Engineering Devices Telephony Humor Apple Search Cortana Analytics Managed IT Services Remote Computing eWaste Business Intelligence Flexibility Mobile Computing DDoS Touchscreen WiFi Recovery Audit Wireless Charging Company Culture Encryption Compliance Google Docs Save Time Router History Fraud Chromecast Adobe Microsoft Word Error Comparison Smart Technology Computer Fan Books Managed IT Service Data Breach Instant Messaging Hard Drive Microsoft Excel Identities Hacker Hard Disk Drive Experience RAM Files How To Computing Plug-In Fax Server Word Edge Safety Emails Text Messaging Trends Credit Cards Cables Applications Unified Threat Management Point of Sale Internet Explorer Microsoft Office 365 Laptop Screen Mirroring Specifications WannaCry Outlook Evernote Chromebook Reporting Teamwork File Sharing Language Keyboard Phone System Microsoft Teams Vendor Management App store Remote Monitoring and Management Robot Windows Ink Ciminal Webinar A.I. IT Management Virus Voice over Internet Protocol Licensing Device Security Upgrades Advertising Threat Access Control Touchpad Cast Sales Video Games Wearable Technology Printing Medical IT Data storage Music G Suite Trending IT Solutions FAQ Reputation Analysis Lithium-ion battery Google Maps Project Management IT solutions Movies Proactive Administrator Travel Consultant PowerPoint Authentication BYOD Retail Scam Nanotechnology Sync Workers Virtual Reality Google Assistant GDPR Hiring/Firing iOS Bring Your Own Device Charger Training Black Market Identity Managed Service Data Loss IT budget Windows 10s Entertainment Websites Amazon Access Tablets Spyware Connectivity Authorization Uninterrupted Power Supply Operating Sysytem Conferencing Employer Employee Relationship Root Cause Analysis Budget Running Cable Updates Education Value Dark Web Legislation Benefits Big Data Hybrid Cloud WIndows Server 2008 Settings Data Privacy SharePoint Solid State Drive Unified Communications Scalability Data Theft Virtual Assistant Bluetooth Distributed Denial of Service NFL Electronic Medical Records PDF Worker Commute Downloads Avoiding Downtime HBO Gifts Computer Accessories Augmented Reality Twitter Cache Relocation Regulation Troubleshooting Remote Monitoring CrashOverride Emergency Disaster Monitors Worker Printers

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      Latest News

      Eclipse Integrated Systems launches new website!

      Eclipse Integrated Systems is proud to announce the launch of our new website at www.eisystems.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.

      Read more ...

      Account login