FTC Seeks Comment on Proposed Amendments to Safeguards and Privacy Rules
The FTC is seeking comment on proposed changes to the Safeguards Rule and the Privacy Rule under the Gramm-Leach-Bliley Act. The Safeguards Rule requires a financial institution to maintain a comprehensive information security program. The Privacy Rule requires a financial institution to inform customers
Freshman Delegate Hala Ayala recently introduced House Bill 2793 in this session of the Virginia General Assembly. If enacted, the legislation will impose new requirements on businesses with regard to the disposal of certain consumer records and manufacturers in the design and maintenance of devices that connect to the internet.
Continue Reading Virginia General Assembly to Consider Minimum Security Standards for Care and Disposal Consumer Information and Security of Connected Devices
Yesterday Gov. Jerry Brown signed California Consumer Privacy Act of 2018, which grants California residents unprecedented control over the collection, use, and sale of personal information. Many have already speculated that other state legislatures will follow suit and adopt a similar law in their own states, as has occurred in the wake of past California laws on data privacy and security. A copy of the law can be found here.
Continue Reading New California Privacy Law Could Have Nationwide Implications
South Carolina has become the first state to enact cybersecurity legislation for the insurance industry.
On May 3, Governor McMaster signed a bill requiring South Carolina insurers to “develop, implement, and maintain a comprehensive information security program” for their customers’ data. 2017 SC H.B. 4655 (NS). Based on the insurance industry model rules, the South Carolina Insurance Data Security Act has three primary aims: it requires “licensees” to prevent, detect and remediate insurance customer data breaches.Continue Reading South Carolina Requires Cybersecurity Program for Insurance Licensees