PERSONAL IDENTIFYING INFORMATION SECURITY LAW CHANGES IN COLO
Effective September 1st, 2018 Colorado has new legal requirements for businesses to protect any “personal identifying information” they collect, and how and when they must report any compromise of that data. Most Colorado companies are affected by this law as they maintain customer, vendor, and contact data which, if compromised, might be used for identity theft and fraudulent purposes. Identity theft and misuse of financial data is a huge problem everywhere today. This strengthening of the security requirements is in direct response to a marked increase in data breaches and the misuse of stolen data.
The new law requires that a business that collects personally identifying information must have in place data security protocols to protect that data, and requires notification of all affected within 30 days of discovery of the breech
The law defines “personal identifying information” (PII) as a person’s social security number; personal identification number (PIN); a password; a pass code; an official state or government-issued driver’s license or ID card number; a government passport number; biometric data; ID number for military personnel, employees, or students, or device information for a financial transaction devices like but limited to smart phone and ePayment devices. This is for electronic and paper records alike.
Requirements: Companies must
- Have a written policy for the destruction of records, paper and electronic, containing personal identifying information
- Implement and maintain reasonable security procedures and practices appropriate to the nature of the data and the size and nature of the company.
- Protect personal identifying information from unauthorized access, or modification.
- Preclude third-party access to data containing personal identifying information.
- Reasonably assure that third-parties with access to records containing PII are compliant with this law.
- Disclose any breech where PII may have been exposed within 30 days of discovery or as directed by law enforcement.
Disclosure must include the estimated date and duration of the breech, description of what data was exposed, who to contact for more information, contact information for consumer reporting agencies and the FTC, and other contact information on mitigating the effects of the breech.
Colorado’s new cybersecurity PDF version of the HB 18-1128, effective Sept. 1, 2018
F1 Systems provides companies with a complete data security audit in preparation for these changes. We will review your overall security and can recommend best practices and configuration changes as needed. We can help you secure your business and lock down your PII data in compliance with this new regulation.
Contact F1 Systems for a complete on-site Colorado PII Security Compliance audit.
sekolah tinggi ilmu kesehatan ukpm
kebidanan mitra sejahtera jakarta
akademi analis kesehatan muhammadiyah surabaya
akademi kesehatan lingkungan sumsel
akademi kebidanan arta kabanjahe
akademi kebidanan nusantara medan
akademi kebidanan delhus delmed
akper harapan mama deli serdang
akademi kebidanan bunga bangsa aceh
fakta maluku
fakta medan
fakta papua
fakta riau
fakta sumut
fatnanas
Forum Perkebunan
hakli bandung
hakli bekasi
hakli bengkulu
hakli bogor
hakli cilegon
hakli denpasar
hakli jakarta
hakli jambi
hakli jogja
hakli langsa
hakli sabang
hakli serang
harian jepara
harian karawang
harian kediri
harian lamongan
harian lumajang
harian majalengka
harian malang
hariansumatra
Harley Davidson Club Indonesia aceh
Harley Davidson Club Indonesia bali
Harley Davidson Club Indonesia bandung
Harley Davidson Club Indonesia bangka
HDCI banjar
Harley Davidson Club Indonesia banten
HDCI bekasi
Harley Davidson Club Indonesia Bengkulu
Harley Davidson Club Indonesia bogor
HDCI depok
Harley Davidson Club Indonesia gorontalo
Leave a Reply
Want to join the discussion?Feel free to contribute!