A notification to the New Hampshire Attorney General’s Office from McDermott Will & Emery LLP provides a useful illustration of how some organizations may be struggling to determine their notification obligations to states as a result of the Anthem breach:
If a law firm has trouble figuring out their obligations, can you imagine what others are struggling with? Coincidentally, perhaps, an attorney at McDermott Will & Emery recently wrote an article on how states may be moving to require encryption as a result of breaches such as the Anthem breach.