Below are snapshots of recent global updates courtesy of Nymity Research.
Legislation: Wisconsin Enacts Insurance Data Security Law
Effective November 1, 2021, licensees must have comprehensive risk assessment and information security programs (threat management, employee monitoring, access controls, secure development, audit trails, periodic evaluations); cybersecurity incidents that could materially harm consumers or normal business operations must be reported to the State Insurance Commissioner (within 3 business days), and affected residents (pursuant to State breach notification requirements). Read more here.
Cybersecurity: NIST Best Practices to Secure Critical Software
Limit access to critical software at all times to what is needed, continuously monitor for anomalous or malicious activity, use multi-factor authentication that is verifier impersonation-resistant for all users and administrators, encrypt data at rest and in transit, employ patch management and configuration management practices, and train all users, administrators and security operations personnel on how to securely handle critical software. Read more here.
Biometrics: Belgian DPA Best Practices for Sensitive Data Processing
Data subjects are increasingly confronted with the processing of biometric data not only on their smartphones or tablets but also by the government and by private companies, thus it is crucial that specific and informed consent is obtained before processing can be carried out; generally, the processing of biometric data is prohibited under the GDPR, unless a controller falls under any of the exceptions (e.g explicit consent, substantial public interest or authorised by union or member state law) under article 9(2) GDPR. Read more here.
Legislation: Federal Bill Prohibits COVID-19 Vaccine Passports
If passed, a government agency may not issue a vaccine passport, vaccine pass or other standardized documentation, or publish or share any COVID-19 vaccination record with a third party for the purpose of certifying the vaccination status of a US citizen; proof of COVID-19 vaccination shall not be deemed a requirement for access to Federal or congressional property or services. Read more here.
Stay informed with daily comprehensive regulatory updates using Nymity Research. Minimize the need for time consuming searches for accurate analysis with easy to understand alerts on the latest privacy laws. Start a free trial today.