网络安全 Awareness Month sees state cybersecurity measures affecting CPA firms

October is National 网络安全 Awareness Month, and CPA firms throughout the nation are seeing stepped-up activity on cyber-related issues by state lawmakers. Protecting consumer data and sensitive information is a rising priority across the country. During the 2018 legislative sessions, nine states passed legislation related to cybersecurity. And some of these 比尔s directly affect CPA firms.

For example, the Colorado legislature passed the Protections for Consumer Data 隐私 Act that amended notification requirements for a data breach. 根据新法律, 维护的实体, own or license digital personal information about a Colorado resident must conduct a “prompt investigation” when they become aware that a security breach may have occurred. Should the investigation conclude that a breach occurred, the entity must notify all affected Colorado residents within at 30 days.

The Louisiana legislature passed a 比尔 to require any person conducting business in the state that owns or licenses computerized data that includes personal information to “maintain reasonable security procedures and practices.“以前, the law required that businesses notify those affected by a data breach “in the most expedient time possible and without unreasonable delay.” The 比尔 amended this language to clarify that this time period cannot exceed 60 days from the discovery of the breach.

As CPA firms store lots of personal information related to their clients, this type of legislation directly affects them. The 188bet亚洲真人体育下载’s State Regulation and Legislation Team will continue to track cybersecurity legislation to determine its impact on CPA firms.

参观 188bet亚洲真人体育下载’s 网络安全 Resource Center 了解更多信息.