For those of us who were watching this proposed legislation unsuccessfully move its way through the 2012 General Session, we see now that it was passed as part of the Connecticut General Assembly’s Special Session by attaching it as Section 130 of the Budget Bill.
The new statute, Section 36a-701b, will be effective October 1, 2012, and requires the reporting of a “breach of security” to the Connecticut Attorney General. This is in addition to any other data breach reporting requirements that exist in the Connecticut Statutes or promulgated by industry regulators (e.g., Connecticut Department of Insurance Bulletin IC-25). Failure to comply constitutes an unfair trade practice under Connecticut General Statutes Section 42-110b and is enforceable by the Attorney General.
Please see full publication below for more information.