Nebraska Amends Data Breach Notification Law

Kelley Drye & Warren LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Last week, Nebraska Governor Pete Ricketts signed into law LB 835, which makes the following amendments to the state’s data breach notification statute:

  • Adds to the definition of “personal information” a user name or email address, in combination with a password or security question and answer, that would permit access to an online account.
  • Requires notice to the Nebraska Attorney General no later than notice is provided to Nebraska residents.
  • Clarifies that data is not considered encrypted, defined as “converted by use of an algorithmic process . . . into a form in which the data is rendered unreadable or unusable without use of a confidential process or key,” if the confidential process or key was or is reasonably believed to have been acquired as a result of the breach.

The amendments take effect July 20, 2016. Recognizing the breadth of information consumers store online, Nebraska will become the fifth state, joining California, Florida, Nevada, and Wyoming, to require notification in the event of a breach of account credentials. We will continue to track and keep you apprised of updates to state breach notification statutes.

[View source.]

Written by:

Kelley Drye & Warren LLP
Kelley Drye & Warren LLP
Contact
more
less

Kelley Drye & Warren LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide