Alexander Turner of Spilman Thomas & Battle, PLLC writes:
In April 2019, with the introduction of House Bill 904, a bi-partisan effort was made to strengthen cyber security in North Carolina. H.B. 904 seeks to make North Carolina’s Identity Theft Protection Act one of the strongest in the nation by broadening the definition of what constitutes a data breach, what proactive steps companies and employers must take to prevent a breach of their customers or employees’ personal information, and the penalties available to victims of data breaches, among other provisions. While H.B. 904 did not make it out of committee and failed to meet the cross-over deadline during the 2019-2020 legislative session, it is anticipated that it will eventually be passed and signed into law if significant federal data breach protections are not passed in the meantime. Therefore, the time for companies that do business in North Carolina, or that otherwise maintain North Carolinians’ personal information, to begin preparing for these changes is now.
Read more on JDSupra.