Tuesday, September 30, 2014
 
Regulation Station

Regulation Station is designed to assist security professionals with first steps when approaching the daunting task of understanding the regulations that we face in the security industry. This is not intended to provide legal guidance, but instead to provide direction to aid in the data protection process. The regulations are divided into United States Federal and State regulations, as well as a listing of international laws and guidelines.

Below is a listing of United States State Regulations. This list is constantly being updated and may not be comprehensive.

State Regulations
| Regulation | Brief Overview | More Information |
| --- | --- | --- |
| California Online Privacy Protection Act (OPPA) | The California Online Privacy Protection Act of 2003 (OPPA) is a privacy policy requirement law that requires all commercial websites that collect personally identifiable information (PII) on California consumers to post on the website that they are collecting such information. | http://library.findlaw.com/2003/Dec/5/133236.pdf |
| California Shredding Law (AB 2246) | AB 2246 requires a business to ensure the privacy of a customer's personal information contained in records by destroying, shredding, erasing, or otherwise modifying the customer record to make the information unreadable or undecipherable through any means. | http://www.oispp.ca.gov/consumer_privacy/privacy_leg/leg2000.asp |
| California SB364 (privacy) | SB364 requires that consumers receive a clear, informative notification letter when their personal data kept by a business or public agency has been stolen. It also requires the state to establish a central reporting site to catalog security breaches. | http://www.statesurge.com/bills/45562 |
| California SB612 (ID theft prosecution) | SB612 allows the prosecution of identity theft in the county in which the victim lives. | http://www.statesurge.com/bills/46256 |
| The Security Breach Information Act (SB 1386) | AB 1950 imposes requirements on businesses that maintain personal information, in any form, about one or more California residents. Specifically, businesses were and are required to shred, erase, or otherwise modify the personal information in those records to make it unreadable or undecipherable through any means. | http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html |