Cross-posted from PogoWasRight.org.
Associated Press reports:
State agencies could be required to notify Missourians if personal data such as concealed gun permits and credit card numbers are accessed by someone who is not authorized to have that information.
The proposal comes from Republican House member Kurt Bahr, of St. Charles. It comes after the Missouri State Highway Patrol provided a list of concealed gun permit holders to a fraud investigator in the U.S. Social Security Administration.
Read more on Southeast Missourian.
And if it hadn’t been gun owners’ information, would a breach notification proposal have gotten so much support?
Missouri is not the only state to consider data breach notification requirements for state agencies. As noted on this blog, the Pennsylvania Senate recently passed a bill requiring state agencies to notify the state and those affected. That bill has now moved to the House, but Governor Corbett’s office informs me that he will sign the law if and when it passes.
I have not found the text of Bahr’s proposal online yet, but it will be interesting to read the text of the bill.
It is interesting that most US states have data breach notification laws on the books (and have for years) that apply when a private business or individual that holds personal information of state residents suffers a data breach. Only now are legislatures considering what happens when personal information held by state governments is leaked.
I suppose it’s better late than never.