A growing attack surface and the exponential rise of data has opened the floodgates for breaches, leading to increased scrutiny by regulatory agencies. It’s not surprising that in recent years, regulators have had to double down with compliance mandates that are more stringent and punitive than ever before.
May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions. What benefits have those organizations experienced in achieving compliance, for instance? Have they encountered any drawbacks along the way?
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law as part of the American Recovery and Reinvestment Act (ARRA) in 2009. The HITECH Act encourages the meaningful use of electronic health records (EHRs) by healthcare providers and their business associates.
When it comes to organizations incorporated and operating out of the United States, General Data Protection Regulation (GDPR) compliance can be confusing. Many people struggle to understand what exactly is the GDPR and whether it applies to all organizations. On May 25, 2018, the European Union (EU) via the European Parliament, signed into law the GDPR, to an enhance Directive 95/46/EC.
On May 29, 2019, the governor of Nevada signed into law Senate Bill 220, a new consumer privacy law. The new privacy law amended Nevada’s existing 2017 online privacy law. Effective October 1, 2019, the new privacy gives consumers the right to opt-out of the sale of their personal information.
