James Lim reports: Recent data breach amendments (Bill No. 10479) to South Korea’s framework data protection law increase available fines; lower the liability threshold that regulators must show to levy fines; allow compensation of individual plaintiffs without a showing of damages; and require notification of affected individuals within 24 hours of discovering a breach, a Korea…
Category: Breach Laws
Ca: New rules to require immediate warnings when health data breached
Keith Gerein reports: Outrage over the handling of Alberta’s largest-ever breach of private health information has prompted new legislation that will force companies to immediately raise the alarm if a similar incident happens again. Health Minister Fred Horne said amendments to the Health Information Act will require custodians of health information to disclose any breach…
Minnesota Mulls Amendments to Data Breach Notification Law
V. John Ella writes: The Minnesota House of Representatives introduced a bill in late February to strengthen Minnesota’s current data breach notification law, Minnesota Statutes Section 325E.61. The bill, House File No. 2253, was authored by Representative Dan Schoen. It would require notification within 48 hours to all individuals whose unencrypted personal information has been breached. The current statute requires…
In The Data Breach Regulatory Derby – Kentucky Loses Out to Iowa
Mahmood Sher-jan writes: Put on your fancy hat and pour a mint julep: the annual spectacle of equestrian prowess and creative horse names is upon us. While this Saturday marks the 140th Kentucky Derby, another landmark event occurred earlier this spring in the bluegrass state: Kentucky entered the “data breach regulatory derby” and became the 47th state…
Ca: Inform customers of data breach or pay $100,000 per case: new privacy bill
Candice So reports: Businesses and organizations will be formally required to tell individual customers and the Privacy Commissioner of Canada if they’ve suffered a data breach – or pay up to $100,000 in fines for every individual not told, according to the new Digital Privacy Act, or Bill S-4, tabled in the Senate today. Read more on ITbusiness.ca
KY: Cyber-security breach notification bill goes to governor
Gregory A. Hall reports: The bill to require public agencies to notify people whose personal information has been compromised in a cyber-security breach got final approval from the House on Friday and now will go to Gov. Steve Beshear. The House concurred in the changes made by the Senate on House Bill 5, the cyber-security…