Florida Passes New Data Breach Notification Law Requiring Enforcement of Civil Penalties For Untimely Notice

King & Spalding
Contact

Personal information now includes online account information, health insurance policy numbers, and medical information -

Florida Governor Rick Scott signed into law the Florida

Information Protection Act of 2014 (“FIPA”) and repealed the state’s current breach notification law.1 FIPA, which will take effect on July 1, is arguably one of the strictest breach laws in the country. It expands the definition of personal information, defines a breach as “unauthorized access of data,” imposes new long-term duties on nearly all businesses with Florida customers or those businesses that maintain or use personal data about any person in Florida, and confers distinct enforcement powers on the Florida Department of Legal Affairs in the Office of the Attorney General.2 The new law also requires businesses to notify any Florida residents affected by a breach within thirty (30) days.

Florida’s new law follows the expanded definition of “personal information” that was adopted in California’s data breach notification law and includes “a user name or e-mail, in combination with a password or security question and answer that would permit access to an online account.”3 Personal information also now includes a first name or first initial and last name in combination with an individual’s “medical history, mental or physical condition, or medical treatment or diagnosis by a health professional” or “health insurance policy number or subscriber identification number and any unique identifier used by a health insurer to identify the individual.”

Please see full publication below for more information.

LOADING PDF: If there are any problems, click here to download the file.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Written by:

King & Spalding
Contact
more
less

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide