Effective May 5, 2021, entities can defend claims alleging failure to establish security controls and notify affected individuals of a breach if written cybersecurity programs are in place that conform to an industry-recognized framework; the affirmative defense cannot be claimed if the entity had actual notice of a threat or hazard to PI or restricted information, did not take remedial measures in a reasonable amount of time, and a breach resulted.
Utah Provides Defense Against Data Breach Claims
Related Posts
Utah Pass Social Media Bills Aimed at Protecting Minors
Utah have passed new legislation to protect under-18s living in the state. Social media companies will be expected to do a lot more.
TikTok and Snapchat Urged to Strengthen Parental Controls
The National Association of Attorneys General from 44 US territories have written to TikTok and Snapchat urging for better parental controls.
Real Estate Companies Don’t Need to Worry About Privacy – Right?
Real estate companies can believe data privacy doesn't apply as they handle property, not people, we've seen recently why this isn't the case