Experian Data Breach Resolution issued a white paper on the current state of data breach legislation that shapes how companies must prepare for and respond to a data breach.
In the wake of several recent high-profile data breaches, the discussion around data breaches is heating up, and impending changes have companies waiting for how that will impact their incident response at the state, federal and global levels.
Currently, companies face a segmented system of state- and sector-specific data breach laws. At the same time, policymakers in the European Union (EU), Australia and Brazil are considering new approaches to data breach notification that could impact businesses that engage in global commerce.
When a data breach occurs in the United States, businesses are guided by a patchwork of 49 existing laws in nearly every state, the District of Colombia and Puerto Rico. Adding to this complexity, state legislatures continue to modify their requirements to be stricter on the types of information that constitutes risk for identity theft. For example, Illinois currently is considering legislation that would take the definition of personal information beyond financial information and other key financial identifiers to less-sensitive data, such as marketing information.
There are several bills active in Congress that are aimed at forging a national data breach standard. Lack of consensus on the specifics of the legislation previously contributed to delays; however, the subject is once again a top priority for lawmakers to discuss during the 114th Congress. Although some in the security community are opposed to a federal data breach notification standard, the possibility of federal legislation preempting state laws is garnering more support than ever before.
For data, background and forecasts on Data Breaches: Search CardWeb.com’s CardFlash® Library of more than 58,000 archived articles; Access CardWeb.com’s CardData® for current and historical Performance, Portfolios, Profiles, etc. Visit RAM Research® (ramresearch.com) for quarterly and annual forecasts covering more than 150 metrics. [complimentary or deeply discounted access to CardWeb.com subscribers].
Additional database resources include CardWeb.com’s CardExecs® – comings & goings of payments movers & shakers; CardWeb.com’s CardWatch® – ears & eyes on marketing globally (57K items); and CardWeb.com’s CardPixes® – form & function of card design (7K items).