New Jersey has enacted a new law that requires health insurance companies to protect patients’ electronic personal information by, among other things, adding encryption requirements for “data at rest,” as well as transmitted “data in motion.” As the first state to enact such a law specific to health insurers, New Jersey stands to lead the way for other states’ attempts to regulate personal data held by health insurance carriers. Health insurers and other companies should stay tuned for a potential rise in data breach litigation, particularly if other states pass similar laws imposing statutory penalties for data breaches.
New Jersey Law
While some states, such as Nevada, California and Massachusetts, require organizations and businesses to encrypt personal information, the New Jersey law is the first in the nation to focus on health insurers specifically.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
