Nevada Personal Information Data Privacy Encryption Law NRS 603A To Replace 597.970.

Nevada passed an update version of their data privacy and breach notification laws on May 30, 2009.  According to Nevada Senate Bill 227, NRS 597.970 has been repealed to make way for NRS 603A.  The new law will go into effect on January 1, 2010, according to  And, it looks like the use of […] read more

Missouri Personal Information Data Privacy Notification And Encryption Laws: Section 407.1500.

What Is Considered A Personal Information Security Breach In Missouri? What Needs To Be Included In The Client Notification Letter? What Methods Can Be Used To Notify Clients? Penalties Encryption Provides Safe Harbor? Missouri is the 45th state to pass a data breach notification law, which will go into effect on August 28, 2009 (which […] read more

Disk Encryption Software Would Have Prevented Data Protection Act Breach By Five NHS Trusts.

Five National Health Trusts have been found in breach of the Data Protection Act.  Most of these breaches could have been avoided via the use of disk encryption software like AlertBoot.  However, they hadn’t used the correct data protection programs–if at all–and have had to undergo formal undertakings with the Information Commissioner’s Office. The five […] read more

Australia Personal Information Data Encryption Provision And Security Laws.

As of July 1, 2009, Australia does not have any laws regarding notification of data breaches.  However, there are efforts underway to alert Australians (and the government) in the event a company or agency experiences a breach of sensitive data that could affect Australians.  There will be exceptions, of course.  For example, exceptions will be […] read more

New Jersey Personal Information Data Encryption Provision And Security Law.

Definition of “breach of security” and “personal information” What to do in the event of a breach Notifications – How To New Jersey’s personal information data breach laws contain a safe harbor for entities that use encryption (specifically, the New Jersey Statute 56:8-161 and 56:8-163).  I’m not a lawyer, but thankfully the law is written […] read more

Data Breaches In Australia And New Zealand: Over Half Of SMBs Have Them.

According to a new Symantec survey, 58-percent of Australian and New Zealand (ANZ) small and mid-sized businesses (SMBs) have experienced information security breaches.  Information security breaches include instances where data is lost, stolen, or hacked because there isn’t adequate protection in place, like data encryption software. Of those who answered the survey, 45-percent had experienced […] read more

Data Loss Prevention Failure Should Lead To CEO Jail Time?.

An international survey conducted by Websense reveals that 30% of respondents think that CEOs and board members at companies where a data breach occurred should be jailed.  Now, I wouldn’t find this too surprising, except that it was a survey done on security professionals at the 2009 e-Crime Congress.  That’s got me scratching my head. […] read more

Nevada Personal Information Data Privacy Encryption Laws: NRS 597.970.

(Updated 10 August 2009 – NRS 596.970 will stop being effective on January 1, 2010, with NRS 603 taking its place) Penalties For Violation Of Nevada’s Data Privacy Law Personal Information Defined According To Nevada Encryption Law NRS 597.970 Criticisms The Nevada encryption law regarding personal information went into effect on October 1, 2008, meaning that Nevada […] read more