Compliance is a moving target for organizations today. Not only do we have State and National laws constantly in flux, but organizations must pay attention to industry regulators and regulations (HIPAA, SEC, the GrahamLeach-Bliley Act) in terms of compliance. Given the global nature of many organizations, laws such as the EU GDPR even have their impact on US organizations. Post-breach, the potential litigation net is even wider, with investigations and potential fines coming from the FTC, industry regulators, state attorney generals and the class action bar.
Staying on top of changes in requirements for preparedness and data breach response is an overwhelming task for organizations. In the middle of this year, there were 32 States with pending data breach legislation. Recent legislative changes to be aware of include:
We recently released a whitepaper, Global Data Breach Notification Laws: Meeting Requirements and Mitigating Risks with Endpoint Security, intended to help security teams understand the basic requirements of data breach notification rules worldwide, including the specific expectations pertaining to mobile incidents, in order to develop effective risk management and compliance strategies.
Changes to the regulatory landscape, paired with increased data security risks, the rapid pace of change in technology and more complex employee demographics, has created a complex environment for IT data security. Learn how Absolute can help your organization navigate the choppy regulatory landscape and to mitigate data security risks here.