FRINGE Data Breach notification "laws"

[Henry Brown <hbrown () knology net>]

http://www.databreaches.net/?p=8199

Comparing breach notification laws

November 10, 2009 by admin

“International Security Breach Notification Survey” is a new resource 
prepared by Foley & Larnder LLP and Eversheds LLP, November 2009. The 
report summarizes and compares the laws in various countries in tabular 
format, with comparisons based on: Notice Requirements (to who – 
(i)individual and (ii)regulator?), Timing of Disclosure (does it have to 
be done in a particular time period?), Form of Disclosure (does it have 
to be submitted in a particular way or with particular content?), Are 
there reporting or other obligations on entities that maintain data (ie 
Data Processors)?, Existing Policies (can the controller use their own 
procedures as opposed to those prescribed by law?), Exemptions from 
Disclosure, Damages/Enforcement, and Preemption (is there deemed 
compliance with the local law if you comply with another specified law?)

For U.S. states, the notification laws are compared on the basis of: 
Notice Requirements, Timing of Disclosure, Form of Disclosure, Entities 
that Maintain Data, Existing Policies, Exemptions from Disclosure, 
Damages/Enforcement, and Preemption.

View or download the free 158-page report here.

http://www.govexec.com/nextgov/1109/securityBreachTable.pdf

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php