IP|Trend: Dust up After the Breach
Hot Topics Roundtable for Fund Managers - Cybersecurity, Valuation, and More
On June 26, 2015, Rhode Island Governor Gina Raimondo signed Senate Bill S0134, the Rhode Island Identity Theft Protection Act of 2015, which substantially revises the old law, including breach notification.
State breach notification laws continue to be amended to (1) provide for notification of a state attorney general or regulator about a breach in addition to affected individuals, (2) cover breaches involving personal...more
On July 1, 2015, both Nevada and Wyoming’s breach notification law amendments come into force, expanding the definition of Personal Information (“PI”) to include account credentials such as a username or email address. With...more
It has been a long time coming, but this week the Personal Information Protection and Electronic Documents Act (“PIPEDA”) received a make-over, including new data breach notification provisions, with the enactment of the...more
When people think about data breaches, corporate giants like Target, Home Depot and Michael’s spring to mind. But even small businesses holding personal information can face costly consequences if a breach occurs.
On June 18, 2015, the Canadian Minister of Industry announced that the Digital Privacy Act, which amends Canada’s foundational Personal Information Protection and Electronic Documents Act (PIPEDA), has received royal assent...more
The modified law will expand the definition of personal information to include medical information and physical characteristics, and require notification to the state Attorney General. Businesses with customers in Oregon...more
On June 18, 2015, significant portions of the Digital Privacy Act received Royal Assent. This Act, amends the Personal Information Protection and Electronic Documents Act (PIPEDA), and brings important certainty to how...more
After lengthy debates, Bill S-4, the Digital Privacy Act? finally received royal assent on June 18, 2015, and is now law. The federal government introduced Bill S-4 on April 8, 2014, which marked the government’s third...more
Connecticut’s legislature has passed a bill that imposes strict new timing requirements for entities conducting business in the state that experience a data breach, which Governor Malloy reportedly intends to sign into law. ...more
Almost all U.S states have laws about data security and what to do when there’s a data breach. California’s was the landmark law, first taking effect in 2003. Here is what California requires.
Who The Laws Apply To....more
In the absence of any meaningful moves in Congress to enact uniform data breach notification, the states continue to make adjustments to existing laws to better protect affected residents in their states.
This week the Connecticut House of Representatives passed Senate Bill 949, "An Act Improving Data Security and Agency Effectiveness," (the "Act") which includes new or modified State requirements concerning the security of...more
This past Monday, Connecticut legislators voted unanimously to approve two new changes to Connecticut’s breach notification law. Senate Bill 949 will require businesses to (1) provide at least one year of identity theft...more
Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more
April saw amendments to Washington State's and North Dakota's breach notification statutes.
In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more
On May 13, Nevada passed a new law (A.B. 179) expanding the definition of “personal information” to include a natural person’s first name or initial and last name in combination with: 1) medical and health insurance...more
ONC Releases Updated Guide To Privacy And Security of Electronic Health Information ? The Office of the National Coordinator for Health Information Technology (“ONC”) recently released Version 2.0 of the Guide to Privacy and...more
Come August 1, North Dakota’s Attorney General will expect to hear from you if your company suffers a breach of computerized data affecting more than 250 persons. On April 13 North Dakota Governor Jack Dalrymple signed S....more
Nevada’s recently amended law will, among other things, create the first state mandate to encrypt online account credentials. Specifically, on May 13, 2015, Nevada Governor Sandoval approved a bill (“AB 179”) to expand the...more
Reed Smith has been closely following the interest and activities of State AGs in the areas of privacy and cybersecurity, and recently blogged on a major NAAG (National Association of Attorneys General) conference in April on...more
Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more
On April 23, Gov. Jay Inslee signed amendments to Washington state’s data breach notification law. The amendments strengthen protections to consumers and mandate a new time frame and reporting requirements for alerting...more
North Dakota recently enacted an amendment that will again tighten its existing breach notification law. The current law, North Dakota Century Code Section 51-30 et. seq., has evolved over time, having been previously amended...more
Data Breach Notification, Cyber Sharing Bills Move Forward -
As multiple privacy and data security bills wend their way through the legislative process, three proposals have made significant steps forward. ...more
Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up to create your digest using LinkedIn*
Back to Top