New Proposed Laws include Safe Harbor when Aligned with NIST Privacy Framework

This is an encouraging trend, but it comes with a warning: just ‘ticking the boxes’ doesn’t actually make you more secure…:

[…] Complying with a written data protection program that is aligned to one of the recognized data privacy or cybersecurity frameworks will pay dividends by reducing vulnerability to threats and negative publicity associated with the lack of data protection safeguards. That said, it is important to note that there is a distinct difference between complying with a written data protection program and establishing bona fide privacy compliance and security within your organization.


Original article