Connecticut Amends Data Breach Notification Law

[author: Kevin Khurana]

On the heels of Vermont’s recent amendment to its data breach notification law (which we blogged about here), Connecticut’s legislature recently amended its own data breach notification law (Conn. Gen. Stat. § 36a-701b). The amended law will take effect on October 1, 2012.

While several of the changes to the law were non-substantive in nature and more for the sake of clarification, the amended law does impose what seems to be the new trend in data breach notification obligations: the requirement to notify the state attorney general.     

Under newly added subsection (b)(2) of the statute, companies that are required to notify Connecticut residents of a data breach must also notify the Attorney General of Connecticut no later than the time when notice is provided to the residents (which, according to subsection (b)(1), must be made without unreasonable delay, subject only to delays resulting from law enforcement investigations and a company-conducted investigation to determine the nature and scope of the incident, identify the individuals affected, or restore the reasonable integrity of the underlying data system).

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Proskauer - Privacy & Data Security | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.