Crowell & Moring

Beginning August 1, 2015, New Jersey health insurers must encrypt personal information maintained on their computer systems and transmitted through public networks, or face civil penalties and fines under the state’s newly enacted Senate Bill No. 562 (“SB 562”). While SB 562’s requirements will have broad applicability to a wide range of “end user computer systems,” there is also ambiguity regarding the state’s enforcement position concerning personal information maintained in cloud storage and private cloud environments. The C&M Health Law blog provides a summary of the law and highlights the key points for health care insurers to keep in mind if they have subscribers and enrollees in New Jersey for whom they maintain personal information.