What is the role of encryption in compliance?
A growing body of regulations and standards has been established in recent years to protect the confidentiality of data and combat identity and financial theft. In 2003, California became the first state with a data breach notification law. As of July, 45 states plus the District of Columbia, the Virgin Islands and Puerto Rico had security breach notification laws requiring companies to disclose information about data breaches that involve personal information, but most of these laws provide exemptions to the disclosure requirement if the stolen data is encrypted. Compliance with the Massachusetts data protection act requires that sensitive personal information stored on laptop computers or transmitted electronically be encrypted in certain contexts. Nevada also toughened its data protection law with cryptographic and Payment Card Industry requirements this year. Federal data protection regulations are on the rise as well. The 1996 Health Insurance Portability and Accountability Act (H
