The State Legislature approved State Senator Joe Simitian´s (D-Palo Alto) SB 20, a bill to strengthen and update California´s landmark privacy protection law. The bill now goes to the Governor, who has until October 11th to sign or veto the legislation. SB 20 builds on previous legislation authored by Simitian, AB 700 (2002), which required…
Category: Legislation
FTC issues Health Breach Notification Rule
<blockquote>The Federal Trade Commission (“FTC” or “Commission”) is issuing this final rule, as required by the American Recovery and Reinvestment Act of 2009 (the “Recovery Act” or “the Act”). The rule requires vendors of personal health records and related entities to notify consumers when the security of their individually identifiable health information has been breached….
Data security breach notification law update
Hunton & Williams provide a nice roundup of data breach notification law changes during the month of July. On July 1, breach notification laws in Alaska and South Carolina went into effect. On July 9, Missouri became the 45th state to enact a data breach notification law. On July 22, Senator Patrick Leahy reintroduced a…
ID theft bill proposed in Michigan
Identity theft victims will be able to seek compensation for the time and effort it takes to clean up their damaged credit history if legislation proposed by a S.W. Michigan lawmaker becomes law. Representative Matt Lori (R-Constantine) says that the bill updates Michigan law by better defining what constitutes identity theft, and increasing the penalties….
Leahy’s data breach bill’s flawed assumptions
The chairman of the powerful U.S. Senate Judiciary Committee, Sen. Patrick Leahy, is trying—after two failed attempts—to get his data breach bill made into law. But even though his bill would answer the pleas of many retailers by creating one single national standard for handling major retail data breaches, the bill’s details don’t deliver the…
Germany adopts stricter data protection law
On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including marketing,…