BreachExchange mailing list archives
FRINGE Data Breach notification "laws"
From: Henry Brown <hbrown () knology net>
Date: Thu, 12 Nov 2009 05:57:23 -0600
http://www.databreaches.net/?p=8199 Comparing breach notification laws November 10, 2009 by admin “International Security Breach Notification Survey” is a new resource prepared by Foley & Larnder LLP and Eversheds LLP, November 2009. The report summarizes and compares the laws in various countries in tabular format, with comparisons based on: Notice Requirements (to who – (i)individual and (ii)regulator?), Timing of Disclosure (does it have to be done in a particular time period?), Form of Disclosure (does it have to be submitted in a particular way or with particular content?), Are there reporting or other obligations on entities that maintain data (ie Data Processors)?, Existing Policies (can the controller use their own procedures as opposed to those prescribed by law?), Exemptions from Disclosure, Damages/Enforcement, and Preemption (is there deemed compliance with the local law if you comply with another specified law?) For U.S. states, the notification laws are compared on the basis of: Notice Requirements, Timing of Disclosure, Form of Disclosure, Entities that Maintain Data, Existing Policies, Exemptions from Disclosure, Damages/Enforcement, and Preemption. View or download the free 158-page report here. http://www.govexec.com/nextgov/1109/securityBreachTable.pdf _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- FRINGE Data Breach notification "laws" Henry Brown (Nov 12)