Breach Notification Rule Data Breach

News & Analysis as of

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

Privacy Tuesday – July 2015: Hack Attack on Adultery Site Ashley Madison

Once again, data breaches and hacks are front and center, so here are three stories you should know about to start your week....more

With No Federal Law in Sight, States Continue to Refine Their Own Data Privacy Laws

With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more

Is a Uniform Federal Data Breach Law Really Necessary?

In June 2015, the United States Office of Personnel Management announced a massive data breach. Estimates are that the breach compromises the personal information of up to 18 million current, former and potential federal...more

Connecticut Updates its Data Security Laws, Imposing Stringent New Requirements

On June 30, 2015, the Governor of Connecticut signed into law S.B. 949, “An Act Improving Data Security and Agency Effectiveness." The new law updates Connecticut’s data security laws, including by adding a 90-day hard...more

Canadian Government Amends and Strengthens PIPEDA, Adding Breach Notification Requirement and Filling Other Gaps

Just prior to recessing for the summer, the Canadian government enacted the Digital Privacy Act. It includes a number of targeted amendments to strengthen existing provisions of the Personal Information Protection and...more

Blog: States Strengthen Laws Addressing Health Information Handling and Breach Response

Connecticut and Oregon were recently added to the increasing list of states adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information. Both states...more

New Hampshire Enacts Breach Notification Requirement for the Department of Education

The state of New Hampshire recently enacted House Bill 322 (“HB 322”), which requires the Department of Education (“DOE”) to implement additional procedures to protect student and teacher data from security breaches. Those...more

State Breach Notification Laws Continue To Change

State breach notification laws continue to be amended to (1) provide for notification of a state attorney general or regulator about a breach in addition to affected individuals, (2) cover breaches involving personal...more

Canada’s New Privacy Laws Will Require Breach Notice and Affect Private Sector Operations in Canada

It has been a long time coming, but this week the Personal Information Protection and Electronic Documents Act (“PIPEDA”) received a make-over, including new data breach notification provisions, with the enactment of the...more

Even Small Businesses Need To Pay Attention To Data Security

When people think about data breaches, corporate giants like Target, Home Depot and Michael’s spring to mind. But even small businesses holding personal information can face costly consequences if a breach occurs. In the...more

Canada Moves Forward with Mandatory Federal Security Breach Notification Law

On June 18, 2015, the Canadian Minister of Industry announced that the Digital Privacy Act, which amends Canada’s foundational Personal Information Protection and Electronic Documents Act (PIPEDA), has received royal assent...more

Oregon Expands Data Breach Law

The modified law will expand the definition of personal information to include medical information and physical characteristics, and require notification to the state Attorney General. Businesses with customers in Oregon...more

Connecticut Legislature Passes Bill Mandating Identity Theft Protection Services Following Data Breach

Connecticut’s legislature has passed a bill that imposes strict new timing requirements for entities conducting business in the state that experience a data breach, which Governor Malloy reportedly intends to sign into law. ...more

California’s Data Breach Laws

Almost all U.S states have laws about data security and what to do when there’s a data breach. California’s was the landmark law, first taking effect in 2003. Here is what California requires. Who The Laws Apply To....more

Connecticut Amends Data Breach Notification Law

In the absence of any meaningful moves in Congress to enact uniform data breach notification, the states continue to make adjustments to existing laws to better protect affected residents in their states. Connecticut is...more

Connecticut Data Breach Law About To Get Tougher

This past Monday, Connecticut legislators voted unanimously to approve two new changes to Connecticut’s breach notification law. Senate Bill 949 will require businesses to (1) provide at least one year of identity theft...more

Nevada and North Dakota amend state breach notification laws

Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more

April Brings Amendments to Washington and North Dakota Breach Notification Requirements

April saw amendments to Washington State's and North Dakota's breach notification statutes. In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more

Nevada Broadens Definition of Personal Information for Purpose of Encryption and Breach Notices

On May 13, Nevada passed a new law (A.B. 179) expanding the definition of “personal information” to include a natural person’s first name or initial and last name in combination with: 1) medical and health insurance...more

North Dakota Focused on Privacy and Information Security; AG Wants to Know if You’ve Been Breached

Come August 1, North Dakota’s Attorney General will expect to hear from you if your company suffers a breach of computerized data affecting more than 250 persons. On April 13 North Dakota Governor Jack Dalrymple signed S....more

Nevada Expands Definition of PI for Purposes of the State’s Breach and Safeguards Laws

Nevada’s recently amended law will, among other things, create the first state mandate to encrypt online account credentials. Specifically, on May 13, 2015, Nevada Governor Sandoval approved a bill (“AB 179”) to expand the...more

State AGs’ Interest in Privacy and Cybersecurity – No End in Sight – REDUX (or, if you prefer, we told you so…)

Reed Smith has been closely following the interest and activities of State AGs in the areas of privacy and cybersecurity, and recently blogged on a major NAAG (National Association of Attorneys General) conference in April on...more

162 Results
|
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×