Contact us today!

Network Solutions Unlimited Blog

Network Solutions Unlimited has been serving the Decatur area since 2013, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your State Dictates Data Security Notifications… Will You Be Notified?

Your State Dictates Data Security Notifications… Will You Be Notified?

In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal identity theft and prevention, it’s important to keep in mind that not all the stolen data records target individuals. Business entities are also at risk. Vendors and partners that you do business with regularly will probably have record of your company’s non-public information, payment information, or tax ID number.

In the wake of the major breach of Equifax that resulted in 143 million records stolen, there have been many questions raised about data security and breach notification laws. One of the most concerning issues was the long delay between when the breach was discovered by Equifax and when the public was notified of the breach. To help clarify how data breach notifications work and why it was technically acceptable for Equifax to wait as long as they did before notifying their customers, there are a few things you should know.

State Laws
Only 47 out of 50 states currently have data breach laws. Alabama and New Mexico have proposed bills regarding data security and notification that are before their state legislature. The lone holdout on data breach laws is South Dakota, who has yet to propose a bill of any kind.

Since each state has its own laws on data security, there are no unified standards, and laws vary in each state. For example, New York law requires that notification of a breach should be given in the most expedient time possible and without unreasonable delay. In Wyoming, however, notice of a breach must be reported within a reasonable time that is not to exceed 45 days after the entity learns of the acquisition of personal information. Florida requires notification within 30 days.

However, these notification deadlines aren’t ironclad. Nearly all of the policies indicate that they will allow the entity to delay notification for cause. Reasons for delay vary from state to state, however, criminal investigations or national security are both common reasons that a delay in notification would be allowed.

Federal Laws
At the present, there are no comprehensive data breach laws on the federal level. While the Health Insurance Portability and Accountability Act (HIPAA) and Gramm-Leach-Bliley Act (GLBA) are federally mandated regulations that do have data breach policies enforced by the federal government, they are industry-specific. There is no federal law that encompasses a general data security policy.

Since Equifax is a financial institution, it’s required that they adhere to the standards set forth by the GLBA. Unfortunately for about half of American adults, the GLBA does not have a deadline for disclosure. The act merely says that the financial organization should notify the affected party ‘as soon as possible’. Despite waiting 40 days before disclosing the breach, Equifax was following the regulations as outlined by the GLBA.

In addition to having different notification laws for each state, other aspects of data security laws are just as diverse. Each state has different policies on who the law applies to, what constitutes a breach, who must be notified, how they must be notified, enforcement and penalties, and entities exempt from the law.

Are you familiar with data breach notification laws for your state? The National Conference of State Legislatures offers current laws for each state. SMBs should be aware of the data security laws that might affect them and how to handle the situation - regardless of whether they’re the entity that was breached or had their information stolen. The good news is that you don’t have to go it alone. Network Solutions Unlimited can help you make sure that your non-public information doesn’t go public.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, 21 February 2018

Captcha Image

Mobile? Grab this Article!


Tag Cloud

Augmented Reality Files Keyboard Ransomware Word Tip of the Week Personal Information IT Solutions Miscellaneous Wireless Robot Windows Ink Project Management Upgrades Travel Safety Google Maps Bandwidth Privacy Ciminal Advertising Cybersecurity Laptop Cloud Computing Tablets Loyalty Alert NFL Mobile HIPAA Dark Web IT Management HaaS Mobile Devices Customer Office 365 Phone System Mobility Settings Remote Computing Content Filtering Business How To Audit Virtual Reality IT Support Samsung Social Engineering Shadow IT Gadgets WIndows Server 2008 Internet Exlporer Automation Hiring/Firing Cast Software as a Service Scalability Instant Messaging Business Continuity Microsoft Scam Networking Recovery IT solutions Data Security Sales Two Factor Authentication Emails Law Enforcement Windows 10 Gmail Business Owner Managed IT Services Save Time Budget Search Microsoft Word Cleaning Google Congratulations MSP Wireless Technology Worker Remote Monitoring Upgrade Root Cause Analysis Information Technology Solid State Drive Devices Password Television Administration Social Media Data Loss Smartphones Lifestyle Screen Mirroring Professional Services PDF Microsoft Excel Google Drive WannaCry Going Green Emergency Legislation Worker Commute Blockchain File Sharing Entertainment Hardware Google Docs Phishing Two-factor Authentication Compliance Microsoft Office Cortana Business Intelligence Small Business Workplace Tips Spam Computers Nanotechnology Malware Gifts Tech Support Chrome Save Money FAQ Managed IT Office Internet exploMicrosoft Encryption Unsupported Software Meetings Public Computer Users User Error Battery Outsourced IT Touchpad Techology Maintenance Document Management Wi-Fi IT budget Bring Your Own Device Employer-Employee Relationship Passwords Computer Fan hacker Bluetooth Sports eWaste Computer WiFi Artificial Intelligence intranet Adobe Big Data Reputation Apple Marketing Computer Care Network OneNote BYOD Virtualization Touchscreen Unified Threat Management iOS Government Identities Data Breach Collaboration Chromecast Software Browser Server Communications Identity Theft Patch Management Books Security Productivity Vulnerability Computing Infrastructure Operating System Best Practice Hacking Outlook Comparison Cybercrime How to Webinar Experience Sync Smartphone Conferencing Internet of Things Business Management Windows Efficiency Applications Telephone Systems Mobile Device Management Router Benefits Commerce Specifications Data Backup Windows 10s Video Games Training Data Application Hosted Solutions Quick Tips Humor CrashOverride Productivity Storage Legal Vendor Management Hybrid Cloud Business Computing End of Support Black Market Hard Disk Drive Fraud Cloud Electronic Medical Records Relocation Best Practices Data Management Troubleshooting The Internet of Things Physical Security Evernote HBO Education Colocation Politics Private Cloud Public Cloud Email Managed IT Service Health Wireless Charging Backup BDR Excel Updates Cache Managed Service Provider Value Content Rootkit History Windows 10 VoIP Technology App Office Tips iPhone Credit Cards Retail Downtime Hackers Apps Managed IT Services Shortcut Regulation Holiday Mobile Device Redundancy Hard Drives Monitors Data Recovery Risk Management Saving Money Flexibility Transportation Smart Technology Workers Internet Facebook Firewall Assessment Automobile Data Storage Android Licensing Charger IT Services Device Security SaaS Consultant Employer Employee Relationship Data Protection Data storage Computer Accessories Cost Management Innovation Audiobook Spyware Edge Network Security Thank You Money Proactive IT Hosted Solution Avoiding Downtime Disaster Recovery Monitor IT Support User Tips Spam Blocking VPN Work/Life Balance USB

Sign Up for Our Newsletter

  • Company Name *
  • First Name *
  • Last Name *