News & Analysis as of

State Data Breach Notification Statutes

Perkins Coie

2024 Breach Notification Law Update: Unique New State Obligations and Widespread New Federal Obligations

Perkins Coie on

Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to...more

Troutman Pepper

Amendments Align Pennsylvania’s Breach Notification Law With Majority of States

Troutman Pepper on

Earlier this year, Governor Josh Shapiro signed amendments to Pennsylvania’s Breach of Personal Information Notification Act (BPINA) into law, which go into effect on September 26. As part of the implementation of these...more

Epiq

Cyber Incidents on the Rise: Tips for Effective Data Breach Notification

Epiq on

Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more

Sheppard Mullin Richter & Hampton LLP

Indiana Amends Breach Notification Law Along with New Adult Website Verification Requirement

Indiana recently amended its breach notification law to include as personal information age verification information collected by adult websites. At the same time, the state passed a new law for adult websites...more

BakerHostetler

Pennsylvania Makes Significant Changes to Its Data Breach Notification Law

BakerHostetler on

On June 28, 2024, Pennsylvania Governor Josh Shapiro signed an amendment to Pennsylvania’s Breach of Personal Information Notification Act into law. The amended law, which includes significant changes to the Keystone State’s...more

Adler Pollock & Sheehan P.C.

Understanding the Rhode Island Data Transparency and Privacy Protection Act: What Businesses Need to Know

The Rhode Island Legislature enacted its comprehensive data privacy law on July 1, 2024. The Data Transparency and Privacy Protection Act (H 7787, or the “RI-DTPPA”) was enacted in response to growing concerns about data...more

ArentFox Schiff

New State Privacy Laws Take Effect Beginning on July 1

ArentFox Schiff on

In the absence of a federal privacy bill, nearly 20 states have passed comprehensive privacy laws. On July 1, three of these states — Florida, Oregon, and Texas — have new laws going into effect, with Montana’s effective in...more

Holland & Knight LLP

New Tennessee Law Creates Heightened Liability Requirement for Class Action Data Breach Lawsuits

Holland & Knight LLP on

As courts have recognized, "[t]he fact that a company has suffered a security breach does not demonstrate that the company did not place significant emphasis on maintaining a high level of security."1 Nevertheless, companies...more

Sheppard Mullin Richter & Hampton LLP

Impact of Tennessee’s Cybersecurity Class Action Safe Harbor

Tennessee has joined a handful of other states to provide certain safe harbors in the cybersecurity realm. Unlike others, the law sites beside -but does not modify- the states’ data breach notification law. Also unlike...more

Dorsey & Whitney LLP

Looking Down the Road: Data Privacy Priorities in 2024

Dorsey & Whitney LLP on

2023 brought a surge of data privacy developments, with a large expansion of state comprehensive privacy laws, litigation of new claims based on older laws (e.g. wiretapping and VPPA cases), increased scrutiny on data...more

WilmerHale

Connecticut Attorney General Releases Report on Connecticut Data Privacy Act Enforcement

WilmerHale on

On February 1, Connecticut Attorney General (AG) William Tong released a report detailing the AG’s initial efforts to enforce the Connecticut Data Privacy Act (CTDPA or “the Act”) and providing recommendations on how the Act...more

The Volkov Law Group

Data Privacy Update — Keeping Up with Developments

The Volkov Law Group on

When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges.  Compliance is not easy when you have fast-moving targets.  The single biggest cause of this...more

Nelson Mullins Riley & Scarborough LLP

FCC Updates Security Breach Rules for Telecommunications Service Breaches : Privacy Day Awareness

In the privacy world, confidential information relating to the nature, amount, or use of telecommunications services has always been subject to separate rules from other types of customer data. Prior to the advent of...more

Woods Rogers

FCC Updates and Expands Data Breach Notification Rules

Woods Rogers on

The updated data breach notification rules broaden the definition of what is considered a breach and expand the scope of who must be notified when a data breach occurs. The Federal Communications Commission (FCC or...more

Sheppard Mullin Richter & Hampton LLP

Operator? I’d like to Report a Data Breach—The FCC’s Updated Data Breach Rule

After waiting 16 years for a call, the FCC is finally back on the line. Last month the FCC updated their 16-year-old data breach notification rule. The updated rule makes drastic changes to the previous FCC notification...more

Manatt, Phelps & Phillips, LLP

Balancing New Federal & State Cyber Reporting Rules on Health Care & Financial Services Industries

Balancing cybersecurity incident disclosures has been a challenge for those in the trenches for years. That has not changed, and recent regulatory activity should not alter the challenges breach counsel confront. In short,...more

BakerHostetler

Florida and Connecticut Expand Breach Laws to Include Geolocation Data as Personal Information

BakerHostetler on

Consistent with recent trends in broadening the scope of state data breach notification statutes, Connecticut and Florida have expanded the definitions of personal information under their respective data breach notification...more

Venable LLP

Data Breach Notice Requirement Added to Safeguards Rule for Non-bank Financial Institutions

Venable LLP on

Non-bank financial institutions will have a new data breach disclosure requirement effective May 13, 2024. The Federal Trade Commission (FTC) recently updated the Gramm-Leach-Bliley Safeguards Rule (“Safeguards Rule”), adding...more

Eversheds Sutherland (US) LLP

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more

Troutman Pepper

Cleanup on Aisle 1: Pennsylvania Grocer Rutters Latest to Settle Single-State Data Breach Investigation With Pennsylvania AG

Troutman Pepper on

Rutters, a prominent grocery chain in Pennsylvania with 80 locations statewide, settled a data breach investigation with Attorney General (AG) Michelle Henry’s office by agreeing to pay $1 million and to implement certain...more

Perkins Coie

2023 Breach Notification Law Update: Changes to Notification and Security Requirements Continue at State and Federal Levels

Perkins Coie on

A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more

Pierce Atwood LLP

New England State Consumer Data Privacy Bills Currently Under Consideration

Pierce Atwood LLP on

As noted in previous installments in our ongoing series on U.S. privacy laws, the sector-specific and activity-specific model for U.S. privacy regulation is rapidly changing, with individual states recently enacting...more

A&O Shearman

Saudi Arabia Finalised PDPL Regulations published in Official Gazette

A&O Shearman on

On 7 September 2023, the Saudi Data & Artificial Intelligence Authority (SDAIA) published the (i) Implementing Regulations of the Personal Data Protection Law (PDPL) and (ii) Regulation on Personal Data Transfer outside the...more

Mintz - Privacy & Cybersecurity Viewpoints

Release of new Mintz Matrix! States keep tinkering

Several states have clarified or tightened their data breach notification statutes since we last updated the Mintz Matrix at the beginning of the year. Please click here for the latest edition of the Mintz Matrix, which is a...more

Foley & Lardner LLP

State Data Breach Notification Laws - September 2023

Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

553 Results
 / 
View per page
Page: of 23

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide