From Hunton Andrews Kurth:
On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law.
Security Breach Notice Act
The amendments to Vermont’s Security Breach Notice Act include expanding the definition of Personally Identifiable Information (“PII”), expanding the definition of a breach to include login credentials and narrowing the permissible circumstances under which substitute notice may be used.[…]
Student Data Privacy
Vermont’s Student Data Privacy law, modeled after California’s Student Online Personal Information Protection Act, generally, will prohibit certain “operators” of websites, online services and online or mobile applications used primarily by, and designed and marketed to, PreK-12 schools from knowingly:
Read more about both on The National Law Review.