Linn Freedman writes:
On June 26, 2015, Rhode Island Governor Gina Raimondo signed Senate Bill S0134, the Rhode Island Identity Theft Protection Act of 2015, which substantially revises the old law, including breach notification.
Specifically, the new law requires municipal agencies, state agencies and any “person” that “stores, collects, processes, maintains, acquires, uses, owns or licenses personal information about a Rhode Island resident” to implement “a risk-based information security program” which “contains reasonable security procedures and practices…in order to protect the personal information from unauthorized access, use, modification, destruction or disclosure…”
Read more on JDSupra.