ARTICLE
26 July 2021

Connecticut Enacts New Cybersecurity Safe Harbor

SM
Sheppard Mullin Richter & Hampton

Contributor

Sheppard Mullin is a full service Global 100 firm with over 1,000 attorneys in 16 offices located in the United States, Europe and Asia. Since 1927, companies have turned to Sheppard Mullin to handle corporate and technology matters, high stakes litigation and complex financial transactions. In the US, the firm’s clients include more than half of the Fortune 100.
Connecticut recently enacted cybersecurity legislation that provides a safe harbor for businesses that implement a written cybersecurity program.
United States Connecticut Technology

Connecticut recently enacted cybersecurity legislation that provides a safe harbor for businesses that implement a written cybersecurity program. Under the legislation, set to go in effect on October 1, 2021, punitive damages will not be assessed on a business that has suffered a data breach, in the event that there are causes of action alleging a failure to implement reasonable cybersecurity controls, which failure resulted in the breach.

To take advantage of this safe harbor, businesses must implement a written cybersecurity program which contains administrative, technical and physical safeguards that conforms to an industry recognized cybersecurity framework. The recognized frameworks include NIST SP 800-171, NIST SP 800-53, and the ISO/IEC 27000-series. Businesses regulated by HIPAA/HITECH or GLBA may also meet the safe harbor cybersecurity requirements by conforming to the applicable regulatory requirements.

Putting it Into Practice: Businesses operating in Connecticut should review their cybersecurity program and consider implementing any additional measures, to the extent necessary, to take advantage of this new safe harbor.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More