Data Security Risk Assessments and Reporting | Practical Law

A Practice Note explaining how to plan, perform, and report on data security risk assessments as required by federal and state laws, including the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and state data security laws that protect personal information; federal and state regulators' expectations for reasonable data security practices; industry standards; and best practices. It also addresses common forms of cyber risk assessments and their role in any organization's overall information security program.

Practical Law Practice Note w-002-2323 (Approx. 35 pages)

by Practical Law Data Privacy & Cybersecurity
Maintained | USA (National/Federal)