New Information Security & Privacy Laws for PII Coming in 2010

While most businesses already have enough to worry about in these tough economic times, some companies in certain states will have to prepare for new information security and privacy laws regarding Personally Identifiable Information (PII).

According to an article on hrNsight.com, this PII – which can include name, address, date of birth, social security number, driver’s license, and credit or debit card numbers – could create hidden security and privacy liabilities for companies planning mergers, acquisitions, or any other process requiring the transfer of personal information because information security and privacy practices have come under increased scrutiny.

The hrNsight.com article reports two states, Nevada and Massachusetts, have new laws relating to the security and privacy of personal information on the books ready to take effect early in 2010:

• Nevada: Effective January 1, 2010, new information security and privacy regulations (Nevada Senate Bill 227) require “the compliance with certain standards of the use of encryption by data collectors when transferring personal information.” More specifically, a data collector must “use encryption to protect information that is either transmitted electronically or contained on a data storage device” that is outside the company’s secure system and “beyond the controls of the data collector.”
• Massachusetts: Effective March 1, 2010, new information security and privacy regulations (M.G.L. c. 93H) require companies owning or licensing personal information of Massachusetts residents – who have suffered more than one million exposures of personal information over the last two years – to implement a comprehensive information security program that includes requiring the “encryption of all transmitted records and files containing personal information that will travel across public networks, and encryption of all data containing personal information to be transmitted wirelessly.”

These new regulations in Nevada and Massachusetts implementing information security and privacy laws should be a wake-up call for businesses in every U.S. state to realize that – in today's Age of Information – good data security and good data privacy equals good business.

Pre-Employ.com – a nationally recognized background check and Human Resources Outsourcing (HRO) provider – was recently ranked in HRO Today Magazine's 2009 Bakers Dozen of Top Employment Screening Services. For more information about how good data security and privacy equals good business, view a complimentary webinar on demand at www.pre-employ.com/webinars/Data-Privacy-Webinars.aspx, take a tour at www.pre-employ.com/Tour/, visit www.pre-employ.com, email info@pre-employ.com, or call 1-800-300-1821.

Follow Pre-Employ.com on Twitter at www.twitter.com/PreEmploy.

pr@pre-employ.com

*We welcome relevant comments and questions from consumers, experts, and human resources professionals. Please do not submit comments with advertisements as they will not be posted publicly. Thanks for visiting our blog!