Nevada has passed a new law that requires businesses to comply with PCI when collecting or transmitting payment card information. Minnesota in 2007 incorporated only a portion of PCI in its Plastic Card Security Law. Some observers question whether states should be in the business of mandating compliance with an industry standard. The law places companies that collect personal identifiable information (PII) into one of two categories: those that accept payment cards, and all others. For the other companies that don’t handle payment cards the law raises the bar on information security.”]
Source: https://www.cuinfosecurity.com/nevadas-new-privacy-law-game-changer-a-1599