All 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have enacted data breach notification laws. The first data breach law was passed in 2002 in California, and in 2018 the final two states, South Dakota and Alabama, passed their data breach laws. Some states require reporting of breaches to the
The World Privacy Forum advised the SEC in comments today regarding the SEC proposal to modernize the description of business, legal proceedings, and risk factor disclosures pursuant to Regulation S-K. In its notice, the SEC described risk from environmental regulation as material to companies. In its comments to the SEC, WPF noted that privacy and
The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.
The National Academies of Science have released Securing the Vote: Protecting American Democracy. The consensus report richly documents how, during the 2016 presidential election, actors sponsored by the Russian government attacked the US voting and election infrastructure. The report assesses the web of technology infrastructures related to voting, and gives detailed recommendations for strengthening these
PDF Version of Release here 24 May 2018 For Immediate Release Historic Data Broker Regulation in the United States Welcomed by World Privacy Forum Vermont: First state to adopt modern rules for unregulated data brokers WPF call for data broker protections to be elevated to national level and provided for consumers in all states in