Previous |
Next |
October 19, 2005, 05:20 PM ET
Educause Attendees Prepare for Data-Breach Laws
Since the spring about 20 states have passed laws that require residents to be notified when companies leak their personal information online. And while the laws are often intended to crack down on commercial data breaches, they’ll also apply to colleges, said Tracy Mitrano, director of information-technology policy at Cornell University, at this year’s Educause conference.
Ms. Mitrano led a wide-ranging roundtable on security and privacy issues that included discussion of the new data-breach laws. The laws, participants agreed, will force computing officials and general counsels to answer some tricky questions, like what constitutes “personal information� and what kind of encrypted data is exempt from the notification requirement.
“We’re asking anybody who’s going to breach our data,â€? joked Ms. Mitrano, “to do it before December 8thâ€?—when New York’s tough notification law, which some experts expect to set a new national standard, goes into effect.
Add Your Comment
Commenting is closed.