Susan K. Livio reports: Health insurance companies will be required to protect client information by encrypting the data, under legislation Gov. Chris Christie signed into law today. The bill follows a series of incidents involving stolen laptops containing policyholder information protected only by user passwords. Read more on NJ.com.
Category: Breach Laws
Proposed data breach bill in Washington State: comments
So I’ve just read the proposed legislation for revising Washington State’s data breach notification law (see the WA AG’s press release on the proposal here). A few comments/observations on the bill: 1. The bill eliminates the word “computerized” before “data,” thereby seemingly expanding the data breach notification requirements to paper records or other formats. That…
Attorney General calls for enhanced data security law to protect consumers as part of 2015 legislative agenda
Washington State Attorney General Bob Ferguson has introduced bipartisan legislation that will strengthen Washington’s data breach notification law to help Washingtonians protect their personal information. “Identity thieves are using increasingly sophisticated methods to hack into consumer databases and steal financial information,” said Ferguson. “We must update our laws to help consumers better protect themselves in…
Retailers are skirting data security issue, NAFCU, trades tell Congress
The National Association of Federal Credit Unions writes: Retailer groups’ data security arguments are “inaccurate and misleading” given their members “are not covered by any federal laws or regulations that require them to protect data and notify consumers when it is breached,” NAFCU and six other financial trades told House and Senate leaders Wednesday. “National…
Should the FTC Be Regulating Privacy and Data Security?
Daniel Solove and Woodrow Hartzog write: This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was the agency that handled such telecommunications issues. Is…
New GDPR Data Breach Notification Agreement Sparks Debate
Neil Ford writes: The slow, stately progress of European data protection law continues: last month in Luxembourg, ministers in the Justice and Home Affairs Committee of the EU’s Council of Ministers reached partial agreement on reforms to the General Data Protection Regulation (GDPR). (The GDPR, you’ll remember, will replace the EU Data Protection Directive with a…