Finance Faces Fresh Data Protection Rules Under ND Law, Say Lawyers
A North Dakota law revamping the state’s financial regulatory framework “creates a new data security mandate for financial corporations,” said SheppardMullin attorneys in a blog post. Also, HB-1127 “introduces sweeping data protection obligations for nonbank financial corporations,” they said.
Sign up for a free preview to unlock the rest of this article
Covered entities must implement an information security program, designate a qualified individual to oversee the program, conduct regular testing, encrypt data and use multifactor authentication, said SheppardMullin: The law also requires notification to regulators within 45 days of data breaches involving at least 500 consumers.