Scott Koller explains:
The state of New Hampshire recently enacted House Bill 322 (“HB 322”), which requires the Department of Education (“DOE”) to implement additional procedures to protect student and teacher data from security breaches. Those procedures now include a breach notification requirement.
Effective August 11, 2015, the DOE must develop a detailed security plan that requires notification to any teacher or student whose personally identifiable information could reasonably be assumed to have been part of a data security breach. RSA 189:66(III)(A)(1). The notification must be made as soon as practicable, but consistent with the legitimate needs of law enforcement or as necessary to determine the scope of the breach and restore the integrity of the data systems. Id.
Read more on Baker Hostetler Data Privacy Monitor.
Related: Final text of HB 322.