Katie Lannan reports: A compromise bill filed Tuesday by a House-Senate conference committee would afford Massachusetts residents a year and a half of free credit monitoring services if their personal data and Social Security number are compromised by a data security breach. The panel, chaired by Rep. Tackey Chan and Sen. Barbara L’Italien, filed its…
Category: Breach Laws
Why is Israel’s new proposed cybersecurity law raising hackles?
Shoshanna Solomon reports: Even as Israel’s privacy and democracy watchdogs welcome a cybersecurity law that would help the nation fend off damaging attacks to its businesses and critical infrastructure, they are warning that a newly proposed law, now up for comments, is not beneficial to democracy. The proposal gives “too wide an authority without enough…
Changes to Louisiana’s Data Breach Notification Law Go Into Effect August 1
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write that changes to Louisiana’s data breach notification law (Act 382) go into effect on August 1 of this year. Those changes include expansion of the definition of personal information, requirements that notification be made no later than 60 days from discovery of…
Big Data Breaches Shine Spotlight on Laws Impacting Employee Data Protection
John Litchfield of Foley & Lardner reminds employers that there are new laws coming into effect that impact employers’ collection and protection of employee data. The following laws, he notes, come online this year: Alabama (effective June 1, 2018) Delaware (effective April 14, 2018) Oregon (effective June 2, 2018) South Dakota (effective July 1, 2018)…
WHEN do you have to notify by? State laws vary.
MintzLevin has updated its state data breach law matrix, as I noted previously on the page where I link to such resources. Here’s an excerpt from their matrix: Breach Notification Timeline Time After Discovery of Breach Action Required 10 Calendar Days Puerto Rico Department of Consumer Affairs 14 Business Days Vermont AG preliminary…
Ottawa’s new privacy rules give businesses flexibility on data breach reporting
The Canadian Press reports: Federal data breach regulations set to take effect Nov. 1 will require mandatory reporting of security breaches that pose a “real risk of significant harm,” but give businesses flexibility about how that’s done. Ottawa has rolled out the long-awaited requirements in a notice in the Canada Gazette that indicates the government…