Breach Legislation: The Next Generation

This Year's Headlines May Spawn Next Year's Laws

By , November 28, 2011.
Breach Legislation: The Next Generation
Read Transcript

It's a new wave of cybercriminal behind the latest major data breaches, says breach expert Lucy Thomson. And these incidents are resulting in a new generation of breach notification laws globally."In the arena of legislation, particularly in the U.S. Congress, there seems to be renewed interest in focusing on security and trying to develop security requirements that would be imposed on companies, in addition to just including data breach notification," says Thomson, a privacy advocate at CSC, as well as chair-elect of the American Bar Association's Section of Science & Technology Law.

Surveying breach notification trends globally, Thomson sees many different types of legislation in the U.S., Europe and in Asia. But they all have similarities: They define what is sensitive data; articulate privacy protection; and they spell out the types of incidents that require notification.

Many governments are strengthening their breach laws, she says. "Texas is a good example. Texas has a statute that focuses on healthcare and has expanded the [list of] entities covered by the statute," Thomson says, "and also has expanded the number of individuals outside of Texas to be covered."

In an exclusive interview about global breach notification trends, Thomson discusses:

  • The impact of this year's major breaches on breach legislation;
  • Breach legislation conflicts, and how organizations can resolve them;
  • What needs to happen to make breach legislation more effective in 2012

Thomson, J.D., M.S., CIPP/G, focuses her practice at the intersection of law and technology. As a senior principal engineer, information security, and privacy advocate at CSC, a global technology company, she has addressed a wide range of legal, technical and policy issues in major IT and information-sharing programs. She works on teams building modernized information systems for very large organizations and has developed strategies to safeguard sensitive information at the nation's ports, as well as for the government's key financial systems.

Thomson is chair-elect of the ABA Section of Science & Technology Law and is a member of its Section Council and serves in the ABA House of Delegates. She founded and co-chairs the e-Discovery and Digital Evidence Committee.

Follow Tom Field on Twitter: @SecurityEditor

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Payment Security Initiatives Unveiled

The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage...

Latest Tweets and Mentions

ARTICLE Payment Security Initiatives Unveiled

The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage...

The ISMG Network