California Data Protection Laws - Is Compliance Good Enough

California SB 1386 requires that businesses protect customers’ personal information and provide notification if there is a security breach which reveals these data to unauthorized people. Since the California law went into effect back in July 2003, 50 of 55 States and Territories have followed suit, enacting some sort of data protection and/or breach notification law. Not all of these laws apply only within State boundaries as the Massachusetts data protection law (201 CMR 17.00) applies to every organization which obtains personal information on residents of the Commonwealth.

In addition to these state laws, there are today numerous federal data privacy, data protection and data breach notification regulations which impact specific industries – such as those included in the HIPAA / HITECH Acts in the healthcare arena. And on top of this, there are industry-specific regulations which apply – such as PCI-DSS. The result is a patchwork of confusing and sometimes contradictory statutes and regulations which impact almost every business in the US.

By watching this Lumension webcast you will learn:

• In-depth information on the statutes and regulations that apply to California businesses which collect customer data
• What mandates might be coming down the pike in the near future
• Why it's important to leave the "compliance state of mind"
• Some recommended tools and processes to leverage in developing an effective IT risk management program