Posted on July 21, 2009 by David Navetta

FAQ on Nevada's Security of Personal Information Law (NRS 603A)

InfoSecCompliance ("ISC") was recently asked by a prospective client to provide a summary of Nevada's Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that incorporated the Payment Card Industry Data Security Standard ("PCI"). ISC decided to try something new and create a Frequently Asked Questions document around the PCI requirements contained in the Security Law. For better or worse (after sinking in 15 - 20 hours) ISC ended up doing FAQs for the entireNevada Security Law. This turned out to be a much bigger work than originally anticipated, so ISC is going to do a five-part blog post series breaking down the Nevada Security Law into (hopefully) digestible parts.

 

This FAQ is broken down into six sections that will be posted over five posts over the next week or so. The postings will be broken down as follows:

Post One: The Basics of Nevada's Security Law and Destruction of Records
Post Two: Security Breach Notice
Post Three: Required Security Measures
Post Four: Encryption and PCI Compliance
Post Five: Remedies, Penalties and Enforcement

I will update this page with new links to each post as the post is made. This is the first time I have tried to convert a complex law into an FAQ format and I am not certain how it turned out. The goal was to make the law digestable by not only lawyers, but also security and privacy professionals. If you have the time, please leave a comment or send me an email and let me know if it worked for you or what could be improved. If this format is effective, ISC may do it for other laws as well (where possible).

Please note, while I am an attorney this post does not in any way constitute legal advice or a legal opinion, and should not be relied upon to take any action or be the basis for any inaction. This law is complex and additional research is necessary. If you are interested in a full legal analysis please contact me directly at djn@davidnavetta.com.

 
Tags: , , , , , , , , , ,
Trackbacks (4) Links to blogs that reference this article Trackback URL
http://www.infolawgroup.com/admin/trackback/163609
InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements - July 23, 2009 6:43 PM
TITLE: URL: http://infoseccompliance.com/2009/07/22/nevadas-security-of-personal-information-law-post-two-the-breach-notice-requirements/ IP: 74.53.63.82 BLOG NAME: InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements DATE: 07/23/2009 06:43:34 PM
InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Three: Reasonable Security Measures Requirements - July 23, 2009 6:53 PM
TITLE: URL: http://infoseccompliance.com/2009/07/23/nevadas-security-of-personal-information-law-post-three-reasonable-security-measures-requirements/ IP: 74.53.63.82 BLOG NAME: InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Three: Reasonable Security Measures Requirements DATE: 07/23/2009 06:53:50 PM
InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Four: Encryption and PCI Compliance Requirements - July 23, 2009 7:17 PM
TITLE: URL: http://infoseccompliance.com/2009/07/23/nevadas-security-of-personal-information-law-post-four-encryption-and-pci-compliance-requirements/ IP: 74.53.63.82 BLOG NAME: InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Four: Encryption and PCI Compliance Requirements DATE: 07/23/2009 07:17:04 PM
InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Five: Remedies, Penalties and Enforcement - July 24, 2009 7:02 AM
TITLE: URL: http://infoseccompliance.com/2009/07/24/nevadas-security-of-personal-information-law-post-five-remedies-penalties-and-enforcement/ IP: 74.53.63.82 BLOG NAME: InfoSecCompliance.com - Technology, Privacy and Security Law & Risk Management » Blog Archive » Nevada’s Security of Personal Information Law Post Five: Remedies, Penalties and Enforcement DATE: 07/24/2009 07:02:21 AM
Comments (0) Read through and enter the discussion with the form at the end
Post A Comment / Question Use this form to add a comment to this entry.







Remember personal info?
Send To A Friend Use this form to send this entry to a friend via email.