Not to be confused with the California Consumer Privacy Act (CCPA), the Consumer Privacy Protection Act (CPPA) is a modernization of Canada’s existing data privacy regulations. Similar to the GDPR, the CPPA (Bill C-11) applies to any organization that processes the personal data of Canadian citizens for commercial purposes, regardless of where they are located. The last revision of the CPPA was on June 16, 2022, although it is unclear … Read more
The National Institute of Standards and Technology (NIST) is a non-regulatory government agency in the United States, that produce standards and guidelines to help federal agencies meet the requirements of the Federal Information Security Management Act (FISMA). The NIST password guidelines, as you might expect, provide recommendations for how passwords are created, verified, and handled. The guidelines are not enforced, although many companies choose to follow them in order to … Read more
Senate Bill 6: Everything you need to know about Connecticut’s New Privacy Law
05.18.2022, Compliance, by
Iain Roberts.
On April 28, 2022, the Connecticut General Assembly passed a new data privacy law called Senate Bill 6 (SB 6), which should come into effect on July 1, 2023. The new law is said to share similarities with the Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (CDPA), and Utah Consumer Privacy Act (UCPA). Who Does SB 6 Apply to SB 6 applies to all individuals and organizations in … Read more
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of security standards that are designed to ensure that companies who collect and store payment card information (PCI) are able to do so in a secure manner. Best Practices for PCI Compliance PCI compliance is not a one-time event, but rather an ongoing process, which must be frequently reviewed and updated. Below are some of the best practices to … Read more
Cybersecurity continues to be a big concern for healthcare professionals. The growth of data breaches and cybersecurity attacks suggests that CISOs in the organizations should not hesitate to perform HIPAA security risk assessments and reevaluate their security reinforcements HIPAA is the Health Insurance Portability and Accountability Act of 1996. It is U.S. legislation created to improve healthcare standards. HIPAA sets the standards that protect sensitive patient data. HIPAA has a … Read more
The Gramm-Leach-Bliley Act (GLBA) Safeguards Rule was first promulgated in 2002 and was designed to ensure that financial institutions have measures in place to keep customer information secure. On October 27, 2021, the Federal Trade Commission (FTC) announced a number of important changes to the Safeguards Rule, which came into effect on January 10, 2022. The main purpose of these changes is to ensure that any non-bank financial institutions (or … Read more
