Elfin Noce on State Data Breach Notification Statutes

Illinois Joins States Requiring Breach Notice to AG

Illinois has updated its breach notice law to require, effective January 1, 2020, notice to the Illinois Attorney General of a data breach involving more than 500 Illinois residents. The law contains specific requirements...more

9/4/2019 / Amended Legislation , Cybersecurity , Data Breach , Data Controller , Data Protection , Data Security , Notice Requirements , Personally Identifiable Information , State Attorneys General , State Data Breach Notification Statutes

New York SHIELD Act Expands Breach Notice Requirements Starting in October

As we recently reported, New York’s new SHIELD Act contains data security provisions. It also contains a number of key changes to New York’s existing breach notification obligations. These changes will become effective...more

8/27/2019 / Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Personally Identifiable Information , SHIELD Act , State Data Breach Notification Statutes

Preparing for New York’s New Data Security Requirements

New York recently passed the SHIELD Act, which, among other things, newly establishes data security requirements for companies that collect private information about New York residents. The data security protections required...more

8/27/2019 / Cybersecurity , Data Breach , Data Collection , Data Privacy , Data Protection , Data Security , New Legislation , Personally Identifiable Information , Policies and Procedures , Security Risk Assessments , SHIELD Act , State Data Breach Notification Statutes

Maryland Adds Requirements to Breach Notice Law

Maryland has amended its breach notification law to require businesses that maintain data, not just those that own or license the data, to conduct “a reasonable and prompt investigation” into whether personal information has...more

7/3/2019 / Amended Legislation , Cooperation , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Duty to Investigate , Personally Identifiable Information , State Data Breach Notification Statutes , Vendors

Texas Breach Law Will Change in 2020, To Require Attorney General Notification

New requirements to the Texas data breach statute, including a requirement to notify the Texas attorney general of a breach, are set to go into effect January 1, 2020. The legislation, signed by Texas Governor, Greg Abbot, on...more

6/26/2019 / Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Governor Abbott , Notification Requirements , State Attorneys General , State Data Breach Notification Statutes

New Jersey Breach Notice Law Expands To Cover Online Account Breaches

New Jersey joins a growing list of states that include user name, email address or any other identifier in combination with any password or security question and answer would permit access to an online account as personal...more

5/17/2019 / Data Breach , Email , State Data Breach Notification Statutes

Happy First Day of Spring! Ohio Insurance Law Effective Today

Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273, applies to insurers authorized to do...more

3/21/2019 / Cyber Attacks , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Hackers , Incident Response Plans , Information Security , Insurance Industry , Insurer Liability , New Legislation , Personally Identifiable Information , Risk Assessment , State Data Breach Notification Statutes , Third-Party Service Provider

Elfin Noce

Sheppard Mullin Richter & Hampton LLP

Popular Topics by This Author

Latest Posts › State Data Breach Notification Statutes