Breach Notification Rule

News & Analysis as of

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

State Breach Notification Laws – Updates From the 2015 Legislative Sessions, 6 Action Steps for Companies

This is proving to be a banner year for new breach notice requirements. In the period between 2006 and 2009, most US states enacted data breach notice laws. This year, we are seeing a wave of “second-generation” breach notice...more

Privacy Tuesday – July 2015: Hack Attack on Adultery Site Ashley Madison

Once again, data breaches and hacks are front and center, so here are three stories you should know about to start your week....more

With No Federal Law in Sight, States Continue to Refine Their Own Data Privacy Laws

With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more

Rhode Island Governor Signs Comprehensive Identity Theft Protection Act

On June 26, Rhode Island Governor Gina Raimondo (D) signed into law Senate Bill 0134, the Rhode Island Identity Theft Protection Act of 2015 (the Act), which clarifies data security measures, expands protection to health data...more

FCC becomes another active regulator over data security through $3.5M settlement with two telecom companies

The FCC has announced that it will receive a settlement payment of $3.5 million from two telecommunications companies—TerraCom Inc. and YourTel America for allegations around the companies’ failure to safeguard customers’...more

Is a Uniform Federal Data Breach Law Really Necessary?

In June 2015, the United States Office of Personnel Management announced a massive data breach. Estimates are that the breach compromises the personal information of up to 18 million current, former and potential federal...more

Connecticut Updates its Data Security Laws, Imposing Stringent New Requirements

On June 30, 2015, the Governor of Connecticut signed into law S.B. 949, “An Act Improving Data Security and Agency Effectiveness." The new law updates Connecticut’s data security laws, including by adding a 90-day hard...more

Canadian Government Amends and Strengthens PIPEDA, Adding Breach Notification Requirement and Filling Other Gaps

Just prior to recessing for the summer, the Canadian government enacted the Digital Privacy Act. It includes a number of targeted amendments to strengthen existing provisions of the Personal Information Protection and...more

Blog: States Strengthen Laws Addressing Health Information Handling and Breach Response

Connecticut and Oregon were recently added to the increasing list of states adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information. Both states...more

New Hampshire Enacts Breach Notification Requirement for the Department of Education

The state of New Hampshire recently enacted House Bill 322 (“HB 322”), which requires the Department of Education (“DOE”) to implement additional procedures to protect student and teacher data from security breaches. Those...more

Rhode Island Governor signs new comprehensive Identity Theft Protection Act

On June 26, 2015, Rhode Island Governor Gina Raimondo signed Senate Bill S0134, the Rhode Island Identity Theft Protection Act of 2015, which substantially revises the old law, including breach notification. Specifically,...more

State Breach Notification Laws Continue To Change

State breach notification laws continue to be amended to (1) provide for notification of a state attorney general or regulator about a breach in addition to affected individuals, (2) cover breaches involving personal...more

Nevada and Wyoming Expand Breach Notification Laws to Protect Account Credentials

On July 1, 2015, both Nevada and Wyoming’s breach notification law amendments come into force, expanding the definition of Personal Information (“PI”) to include account credentials such as a username or email address. With...more

Canada’s New Privacy Laws Will Require Breach Notice and Affect Private Sector Operations in Canada

It has been a long time coming, but this week the Personal Information Protection and Electronic Documents Act (“PIPEDA”) received a make-over, including new data breach notification provisions, with the enactment of the...more

Even Small Businesses Need To Pay Attention To Data Security

When people think about data breaches, corporate giants like Target, Home Depot and Michael’s spring to mind. But even small businesses holding personal information can face costly consequences if a breach occurs. In the...more

Canada Moves Forward with Mandatory Federal Security Breach Notification Law

On June 18, 2015, the Canadian Minister of Industry announced that the Digital Privacy Act, which amends Canada’s foundational Personal Information Protection and Electronic Documents Act (PIPEDA), has received royal assent...more

Oregon Expands Data Breach Law

The modified law will expand the definition of personal information to include medical information and physical characteristics, and require notification to the state Attorney General. Businesses with customers in Oregon...more

Digital Privacy Act Modernizes PIPEDA

On June 18, 2015, significant portions of the Digital Privacy Act received Royal Assent. This Act, amends the Personal Information Protection and Electronic Documents Act (PIPEDA), and brings important certainty to how...more

Digital Privacy Act Receives Royal Assent, but Breach Notification Provisions Lag Behind

After lengthy debates, Bill S-4, the Digital Privacy Act? finally received royal assent on June 18, 2015, and is now law. The federal government introduced Bill S-4 on April 8, 2014, which marked the government’s third...more

Connecticut Legislature Passes Bill Mandating Identity Theft Protection Services Following Data Breach

Connecticut’s legislature has passed a bill that imposes strict new timing requirements for entities conducting business in the state that experience a data breach, which Governor Malloy reportedly intends to sign into law. ...more

California’s Data Breach Laws

Almost all U.S states have laws about data security and what to do when there’s a data breach. California’s was the landmark law, first taking effect in 2003. Here is what California requires. Who The Laws Apply To....more

Connecticut Amends Data Breach Notification Law

In the absence of any meaningful moves in Congress to enact uniform data breach notification, the states continue to make adjustments to existing laws to better protect affected residents in their states. Connecticut is...more

217 Results
|
View per page
Page: of 9

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×