Connecticut follows Utah and Ohio to approve legislation that provides a safe haven for companies with cybersecurity programs.
The Connecticut Cybersecurity Standards Act, which was signed into law by the Government of Ned Lamont last week and enters into force on October 1. , provides that companies will not be penalized in the event of a data breach if they have cyber security in line with an "industry known cyber security program." National Institute of Standards and Technology and East Greenbush, New York-based Center for Internet Security.
Entities regulated by the state or federal authorities can also meet the standard of legislation by meeting the cyber security requirements of Health Insurance Portability. and Accountability Act of 1
Utah's comparable legislation, the Cybersecurity Affirmative Act, was signed into law in March and entered into force in May, while the Ohio Data Protection Act entered into force in November 2018.