A new law, put into effect on September 1, 2018, puts Colorado among the most demanding in the nation in terms of consumer data protection.
Considering the fact that 4.5 billion records were compromised nationwide in the first half of 2018 alone — that’s 291 records every second — this couldn’t come at a more appropriate time.
The Protections for Consumer Data Privacy Act, as it’s called, was unanimously approved last May, and aims to reduce the risk of identity theft statewide. The law applies to any covered entity (employer, bank, doctor, insurer, and other online companies) that collects paper or electronic documents containing personal identifying information (PII).
PII includes full name, Social Security number, driver’s license number, bank account number, passport number, biometric data, and student or military identification number.
Here are some highlights of House Bill 18-1128:
• Both commercial and governmental entities must have a written policy that requires the disposal of PII when no longer needed. The documents must be made unreadable.
• Further security measures must be taken to protect PII. The bill states, “A covered entity that maintains, owns, or licenses personal identifying information of an individual residing in the state shall implement and maintain reasonable security procedures that are appropriate to the size of the business and its operations.”
• It is also now required for a business to notify and provide a detailed account to the individual when PII is compromised — no later than 30 days after the date it has been determined that a security breach occurred. The notice must include date or estimated date, what personal information has been exposed, how to contact the covered entity and more.
Frontier IT in Colorado Springs offers businesses all the tools needed to be in compliance with new and existing data security laws. Here are some services they provide to keep you and your clients protected:
• Scanning networks to show vulnerabilities
• Securing those vulnerabilities
• Helping with data protection in digital form and how to share that information securely
• vCIO services that help write the policies for the tech side of your business. A vCIO, or virtual Chief Information Officer, helps safely and effectively maintain IT infrastructure.
• Keeping in compliance with all aspects of House Bill 18-1128
“Not only is the new data protection law beneficial to consumers, the security requirements are required by all businesses in Colorado,” said Suzie Ventura, account manager at Frontier IT. “Continuous protection of our customer data is our No. 1 objective, and should be paramount for all businesses focused on compliance. As we onboard new customers, we perform several deep vulnerability scans and resolve infractions to bring our customers into compliance.”
To learn more about consumer data protection, call Frontier IT at 719-888-HELP (4357).