What You'll Learn:
On March 1, 2017 a sweeping new cybersecurity regulation was brought into force by the New York State Department of Financial Services. The regulation, entitled Cybersecurity Requirements for Financial Services Companies and codified at 25 NYCRR 500, mandated that financial institutions create a comprehensive data protection program and appoint a Chief Information Security Officer to lead it.
Part 500 also mandated a long list of security controls be put in place and divided Nonpublic Information into business-related information and personal data.
In May of 2018, South Carolina passed into law the Insurance Data Security Act, which largely tracks Part 500. The question remains: Is Part 500 on the road to becoming a default national data protection standard?
In this informative presentation, data protection industry veterans offer their perspective on Part 500 and the impact this regulation is having on national data protection.
||Scott Giordano, Esq., FIP, CISSP, VP, Data Protection
- Specializing in multinational/cross-border aspects of data protection
- ISO 17024 Certifications Advisory Board Member, International
Association of Privacy Professionals
- Created and taught the first law school course on electronic evidence and
- Member of the California, the District of Columbia, and Washington state