"Nevada's IT agency has rolled out a new policy aimed at standardizing the privacy of state data, months after a massive cyberattack crippled certain systems for weeks. The policy announced Wednesday from the Governor's Technology Office marks the first time the state will have clear-cut categories for data sensitivity. Officials said this will allow agencies to go beyond simply denoting something as "sensitive" or "personal" and will ensure private data is not treated the same as public information."
"Officials said this will allow agencies to go beyond simply denoting something as "sensitive" or "personal" and will ensure private data is not treated the same as public information. ... Data will now be classified as one of four categories: "public," "sensitive," "confidential" or "restricted." It is up to individual agencies to determine the proper category, and if the classification is unclear, the data must be put in the more restrictive category."
Nevada's IT agency instituted a policy to standardize the privacy of state data following a massive cyberattack that crippled some systems for weeks. The new framework establishes clear-cut sensitivity categories so private data will no longer be treated the same as public information. Data must be classified as public, sensitive, confidential, or restricted. Individual agencies are responsible for assigning the proper category. When classification is ambiguous, the data must be placed in the more restrictive category. The policy aims to improve consistency in handling and protecting state data across agencies.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]