A new standard for data protection?
For years, business communities and US legislators have been calling for an all-encompassing data privacy law at the federal level. Despite the introduction of several proposed bills, none have been enacted. In lieu of such a standard has instead arisen a patchwork of various state regulations, such as the California Consumer Privacy Act (CCPA) or Colorado Privacy Act. Now, another proposal is making the rounds in Congress, the American Data Privacy and Protection Act. This bill passed the House of Representatives Energy and Commerce Committee in a 53–2 vote. Foundational data privacy rights for consumers, strong mechanisms for regulation and enforcement are the primary goals of the legislation, which now must continue its path in the House.
Whether this bill will finally be the one enacted into law is still up in the air. Nevertheless, it continues a recent legislative trend of attempts to bolster US data privacy standards at the federal level, rather than leaving the matter in the hands of 50 individual states. If this bill passes, it will preempt most state laws.
A long journey still awaits the bill before it can be enacted. Pass or fail, however, it is not alone in its fight. The Data Privacy Act of 2023 seeks to update the Gramm-Leach-Bliley Act, passed in 1996, to better meet the challenges and sophistication of modern technology, not to mention cyber crime. Focused mainly on financial institutions that handle people’s sensitive data, this bill attempts to expand existing protections and controls for whose information is collected by these firms. Complementing these bills is the Upholding Protections for Health and Online Location Data Privacy Act (UPHOLD), intended to restrict advertising from making use of patients’ personal health data, among other parameters.
Each successive attempt at federal data security reform brings new ideas to the table. But while we continue to play the waiting game on a federal standard (and even after), NetLib Security is here to help organizations of all types and sizes in their quest to meet the various compliance requirements in the field. Whether it involves supporting HIPAA Omnibus and HITECH compliance strategies, FIPS 140-2 for government and military organizations, or GDPR et al in protecting critical data – NetLib Security’s Encryptionizer product assists compliance strategies via transparent data encryption that needs no additional programming or impact on performance.
Don’t wait on lawmakers to shore up your data security stance. Being proactive is the key to success. Request a free evaluation of Encryptionizer here.