Jason C. Gavejian writes:
In distinct efforts to strengthen data security requirements, the California and Massachusetts legislatures recently passed bills affecting data breach notification requirements and data security notification, respectively.
On April 14, 2011, the California senate approved S.B. 24, requiring California businesses and agencies to notify the state attorney general if more than 500 California residents are notified of a data breach. The California bill also would require certain information be included in the notices.
[…]
On April 13, 2011, Massachusetts H.B. 3360 was referred for committee consideration. Under the bill, vendors of photocopiers in Massachusetts that fail to adequately notify purchasers of potential data security risks would be subject to a civil fine of up to $50,000 and could be sued by customers whose personal information is subsequently compromised.
Read more on Workplace Privacy Data Management & Security Report.