There’s a debate raging over new data security standards endorsed by the California attorney general’s office.
Some experts believe the law is an effective shield against cyber-attacks while others see it as a recipe for lawsuits.
The law requires businesses to use “reasonable security procedures and practices…to protect personal information from unauthorized, access, destruction, use, modification, or disclosure,” according to the WSJ Law Blog.
The guidelines consist of 20 “controls,” or recommended practices, and more than 100 “sub-controls.”
“A failure to implement all the Controls that apply to an organization’s environment constitutes a lack of reasonable security,” the attorney general said in a February report. However, the report doesn’t make it clear how “an organization’s environment” is defined.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.