Hunton & Williams write: As reported in BNA Privacy Law Watch, on March 21, 2018, South Dakota enacted the state’s first data breach notification law. The law will take effect on July 1, 2018, and includes several key provisions: Definitions of Personal Information and Protected Information. The law defines personal information as a person’s first name or…
Category: Breach Laws
Is OCR Moving the Goal Posts on Vendor Management?
Yesterday, I posted an item about a settlement between New Jersey and Virtua Medical Group after a 2016 data leak by their transcription vendor exposed approximately 1,600 patients’ information on the internet. New Jersey took the position that this was a HIPAA violation and that the entity was responsible for what its vendor had done…
Companies will now have to tell Canadian consumers when their privacy is breached — and do it quickly
Amanda Connolly reports: After close to three years, the government is finally pushing through regulations that require companies to tell Canadian consumers when their personal information is compromised. The Digital Privacy Actbecame law in August 2015, but several of its provisions were not immediately implemented and have languished on the books pending official authorizations needed…
MD: House of Delegates passes data breach protection bill
Chase Cook reports: The House of Delegates passed legislation Monday that would require internet service providers to notify Maryland customers of data breaches in which personal information was stolen. House Bill 1584 sponsor Del. Seth Howard, R-West River, said he put forth the legislation because internet service providers weren’t required to post notices regarding data…
32 state Attorneys General to Congress: Don’t replace our stronger privacy laws!
Mike Litt writes: A bipartisan group of 32 state Attorneys General, led by Illinois AG Lisa Madigan, sent a joint letter last week to the House Financial Services Committee leadership against the draft (link includes opposition testimony of Massachusetts Attorney General’s Office) “Data Acquisition and Technology Accountability and Security Act” that PIRG has also been opposing. The bill…
Ministry Of Health Issues Draft For Healthcare Security Act; Warns Of Five Year Jail, $6,164 Fine On Healthcare Data Breach
Bhumika Khatri reports: In a silent yet tough stance towards data breach, the central government of India has released a draft of Healthcare Security Law under Digital Information in Healthcare Security Act (DISHA) and has invited comments from stakeholders and readers on the same before April 21. In the draft document shared, the Ministry of…