Tennessee to Require Breach Notification within 14 Days

Alysa Hutnik
Kelley Drye & Warren LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Last week, Tennessee Governor Bill Haslam signed into law SB 2005, which makes two amendments to the state’s data breach notification statute – effective July 1, 2016. With these amendments, Tennessee has joined a handful of other states that have strengthened – or are attempting to strengthen – their breach notification statutes in light of several high-profile breaches over the past few years.

The first amendment will require that businesses provide notice of a breach to affected Tennessee consumers no later than 14 days after discovery. Previously, the statute required that notice be provided “in the most expedient time possible and without unreasonable delay.” Notice may be delayed if a law enforcement agency determines that it would impede a criminal investigation, but then must be provided within 14 days after the agency has determined it will no longer compromise that investigation.

Additionally, the amendments clarify that the acquisition of personal information by employees who intentionally use the information for an unlawful purpose triggers the statute and its notice requirement.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Kelley Drye & Warren LLP | Attorney Advertising

Written by:

Kelley Drye & Warren LLP
Kelley Drye & Warren LLP
Contact
more
less

Kelley Drye & Warren LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide