October 22, 2008, 5:01 AM — The Nevada law that requires businesses to encrypt data that is transmitted to customers took effect this month, and is expected to have an impact far beyond the state’s borders. An article in today’s Wall Street Journal highlighted some of the challenges of the bill, to which all companies doing business with people in Arizona must comply.
Nevada is just the first of several states that are considering similar laws. Already, more than 40 states have breach notification laws, which require businesses to notify customers if their personal information is stolen or exposed. But beyond requiring notification, these laws do very little to prevent the attacks from occurring in the first place. There’s a big difference between telling someone, “your personal information was exposed,†and requiring action to prevent it from being exposed. The Nevada law is the first that takes this tactic, going much further than any notification law ever has. Read the rest of this article>>
