NJ Enacts Law Requiring Health Insurers to Encrypt Personal Information | Practical Law

NJ Enacts Law Requiring Health Insurers to Encrypt Personal Information | Practical Law

New Jersey Governor Chris Christie has signed legislation that requires health insurance carriers to encrypt personal information.

NJ Enacts Law Requiring Health Insurers to Encrypt Personal Information

Practical Law Legal Update 6-595-7965 (Approx. 2 pages)

NJ Enacts Law Requiring Health Insurers to Encrypt Personal Information

by Practical Law Intellectual Property & Technology
Published on 15 Jan 2015USA (National/Federal)
New Jersey Governor Chris Christie has signed legislation that requires health insurance carriers to encrypt personal information.
On January 9, 2015, New Jersey Governor Chris Christie signed S562 into law, which will require health insurance carriers to protect computerized records through more than just a computer password. In particular, all insurance companies compiling computer records that contain personal information must protect the records through, either:
  • Encryption.
  • Any other method or technology that renders it unreadable, undecipherable or otherwise unusable by an unauthorized person.
Password-protection will not be sufficient to satisfy the requirements of the new law, which came about as a result of several incidents involving theft of password-protected laptops containing policy holder information.
The legislation will take effect in July 2015.