A recent Nevada law may set off a domino effect and change the way your company handles sensitive data.
Starting this month, all Nevada businesses are required to encrypt customers’ personal I.D. data — credit card numbers, names, etc. — that are transmitted electronically.
But this isn’t just a local trend. Other states are following suit.
Example: In Jan., all Mass. businesses that collect personal info about its state’s residents will be required to use encryption for sensitive data stored on laptops and portable devices.
Washington and Michigan are considering similar measures.
Even if these encryption requirements don’t catch in other states (which they probably will), many companies need to be prepared.
Why? Any companies that do business in states that include these regulations will need to comply. Failure to do so will be costly.
In Nevada, there’s a proposed enforcement plan in place to punish companies that don’t comply with the encryption law. Under the plan, companies would face unlimited civil penalties for each occurrence of a customer’s security breach. Ouch.
Better safe than sorry: There are many types of affordable e-mail-encryption software, and companies like Dell Inc. sell laptops with encrypted hard drives for about $100 more than laptops that don’t come with the feature.