About This Blog
Summaries, news and resources relating to eDiscovery in Delaware and beyond.
Showing one post in Data Breach.
Ryan T. Keating was quoted in the Bloomberg Law article, "Delaware Ramps Up Data Breach Compliance Mandates," regarding the impact of the new statute.
"The most significant change in the new statute, which updates the state’s 2005 data breach notification law, is that companies are required to “implement and maintain reasonable procedures and practices” to prevent data breaches, Ryan Keating, a member of Wilmington, Del.-based Morris James LLP’s data privacy and information governance group, told Bloomberg Law.
The amended statute does not offer guidance on what constitutes “reasonable” security, so companies developing security programs “would be wise to consider security standards published by NIST and other organizations,” Keating said, referring to the Commerce Department’s National Institute of Standards and Technology."