A newly-enacted law signed by New Jersey Governor Chris Christie requires health insurance carriers in that state to adequately protect the personal information of individuals, with failure to do so being classified as a violation of the New Jersey Consumer Fraud Act (NJCFA). According to “New Jersey Requires Encryption for Health Insurance Carriers; May Open Door to Class Action Suits over Violations Under State Consumer Protection Law,” a post on Reed Smith’s Global Regulatory Enforcement Law Blog written by partners Paul Bond and Brad Rostolsky, the established connection between this new law and the NJCFA means that health insurance carriers should follow its requirements closely in order to avoid possible violations and fines. As a practical matter, business associates of New Jersey health insurance carriers should be considered on notice that this new encryption requirement may start to flow down contractually to business associates through the terms of business associate agreements.
To read the full post, click here.