Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · New Jersey · Title 58 — Insurance · Chapter 31

58:31-4.2 Purveyor's water report; audit.

272 words·~1 min read·/nj/title-58/chapter-31/58-31-4-2·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

4. a. Beginning 90 days after the effective date of P.L.2021, c.262 (C.58:31-4.1 et al.), a water purveyor shall report to the New Jersey Cybersecurity and Communications Integration Cell, promptly after an employee is made aware of a cybersecurity incident, and in accordance with all applicable laws, rules , and regulations:
(1)any cybersecurity incident that results in the compromise of the confidentiality, integrity, availability, or privacy of the water purveyor's utility billing, communications, data management, or business information systems, or the information thereon; and
(2)any cybersecurity incident against the water purveyor's industrial control system, including monitoring, operations, and centralized control systems, that adversely impact, disable, or manipulate infrastructure, resulting in loss of service, contamination of finished water, or damage to infrastructure.
b. No later than 30 days after receiving a report of a cybersecurity incident from a water purveyor pursuant to subsection a. of this section, the New Jersey Cybersecurity and Communications Integration Cell shall cause to be audited the water purveyor's cybersecurity program and any actions the water purveyor took in response to the cybersecurity incident. The audit shall identify cyber threats and vulnerabilities to the public community water system, weaknesses in the public community water system's cybersecurity program, and strategies to address those weaknesses so as to protect the public community water system from the threat of future cybersecurity incidents.
Any audit shall be conducted by a qualified and independent cybersecurity company, at the water purveyor's expense. Following the audit, the water purveyor shall submit the audit and any corrective action plans derived from the audit to the New Jersey Cybersecurity and Communications Integration Cell.
L.2021, c.262, s.4.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.