KTVZ reminds everyone that Oregon’s new law has gone into effect whereby businesses and state agencies must notify the Oregon Attorney General of breaches affecting the personal information of at least 250 Oregonians.
The new law defines protected data to include any medical, health insurance or biometric information as well as Social Security numbers, government ID numbers or certain financial information.
Read more on KTVZ.
As part of the new law, there is now a site for reporting breaches and searching for reported breaches. The site includes fields similar to what the California Attorney General’s site includes with one additional field: Oregon discloses the date notice was provided to consumers, and not just the date of the breach and date of discovery. As other states do, a copy of the notice to consumers is also available on the site.