Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · New Jersey · Title 58 — Insurance · Chapter 31

58:31-4 Development of cybersecurity system; exemptions.

351 words·~2 min read·/nj/title-58/chapter-31/58-31-4

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

4. a. Within 120 days after the effective date of P.L.2017, c.133 (C.58:31-1 et seq.), each water purveyor shall develop a cybersecurity program, in accordance with requirements established by the New Jersey Cybersecurity and Communications Integration Cell , as rules and regulations adopted pursuant to the "Administrative Procedure Act," P.L.1968, c.410 (C.52:14B-1 et seq.), that defines and implements organization accountabilities and responsibilities for cyber risk management activities, and establishes policies, plans, processes, and procedures for identifying and mitigating cyber risk to its public community water system.
As part of the cybersecurity program, a water purveyor shall: identify the individual chiefly responsible for ensuring that the policies, plans processes, and procedures established pursuant to this section are executed in a timely manner; conduct risk assessments and implement appropriate controls to mitigate identified risks to the public community water system; maintain situational awareness of cyber threats and vulnerabilities to the public community water system; and create and exercise incident response and recovery plans.
No later than 180 days after the effective date of P.L.2021, c.262 (C.58:31-4.1 et al.), a water purveyor shall update its cybersecurity program to conform to the requirements of section 3 of P.L.2021, c.262 (C.58:31-4.1).
A water purveyor shall submit a copy of the cybersecurity program developed pursuant to this subsection to the New Jersey Cybersecurity and Communications Integration Cell, in a form and manner as determined by the New Jersey Cybersecurity and Communications Integration Cell. A cybersecurity program submitted pursuant to this subsection shall not be considered a government record under P.L.1963, c.73 (C.47:1A-1 et seq.), and shall not be made available for public inspection.
b. Within 60 days after developing the cybersecurity program required pursuant to subsection a. of this section, each water purveyor shall join the New Jersey Cybersecurity and Communications Integration Cell and create a cybersecurity incident reporting process.
c. (Deleted by amendment, P.L.2021, c.262).
d. No later than 180 days after the effective date of P.L.2021, c.262 (C.58:31-4.1 et al.), each water purveyor shall obtain a cybersecurity insurance policy that meets any applicable standards adopted by the board.
L.2017, c.133, s.4; amended 2021, c.262, s.2.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.