Delaware Requires Data Security in New Law

Delaware has become the latest state requiring companies to protect private data.

Delaware has become the latest state to enact legislation on computer security, joining at least 13 other states in setting specific requirements for companies doing business within their borders. Delawares law is notable in two regards, the first involving the nature of Delaware and the second a critical provision within the law itself.
The
bill itself
requires that ...any person who conducts business in Delaware and maintains personal information must safeguard that information. It goes on to define what breach means and prescribes certain actions to be taken if private information -- like a Social Security number -- is disclosed.
The interesting provision within the law is that it defines encryption and then carves out a safe-harbor provision for companies that suffer a breach
if
the information exposed is encrypted. This safe harbor for encrypted data is likely to have a significant impact on the increase in enterprise encryption because of Delawares status as a favored state for business incorporation in the US.
Youre invited to attend Light Readings 11th annual
Future of Cable Business Services event
. Join us in New York on November 30 for the premier independent conference focusing on the cable industrys continuing efforts in the commercial services market – all cable operators and other communications service providers get in free.
As of 2014,
more than two thirds of the companies
in the Fortune 500 are incorporated in Delaware. This means that at least two thirds of the United States largest companies must now look at how they will respond in case of a data breach and whether greater encryption deployment for customer and employee records will be a worthwhile investment in order to provide a safe harbor.
States that have enacted
data security laws for private entities
have done so in a wide variety of ways, ranging from broad statements about providing reasonable protection for private information to very prescriptive laws dealing with the nature of protection and requirements for disclosure.
With Delaware joining the data protection and security fold, eyes will be on many more states in the upcoming legislative season to see whether the number of governments requiring specific data security steps will grow.
Related posts:
Amazon S3 Errors Hit Home Again
Sleepless in Cupertino
Cybercrime Is North Koreas Biggest Threat
— Curtis Franklin is the editor of
SecurityNow.com
. Follow him on Twitter
@kg4gwa
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Delaware Requires Data Security in New Law