Heather McArn, Bryant Roby Jr. and Judith Selby of Hinshaw write: Maine has become the latest state to adopt a version of the National Association of Insurance Commissioners (NAIC) model cybersecurity law. Signed into law on March 17, 2021, the Maine Insurance Data Security Act establishes investigation procedures, data security program standards, and notification requirements for persons…
Category: State/Local
Utah is the 2nd State to Create a Safe Harbor for Companies Facing Data Breach Litigation
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of JacksonLewis write: In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons (defined below) facing a cause of action arising out of a breach…
Utah Becomes the Second U.S. State to Establish Affirmative Defenses for Data Breach
Alyssa Aquino, Judith Selby, and Joanna Storey of Hinshaw write: In enacting the Cybersecurity Affirmative Defense Act, HB80, (Act) on March 11, 2021, Utah became the second state in the U.S. to create affirmative defenses for “persons” to certain causes of action arising out of a breach of system security.[1] “Persons” is defined to include…
New York regulator issues cyber insurance risk framework with implications for insurers and insureds
Tim Tobin, Harriet Pearson, Paul Otto, and Jonathan Hirsch of Hogan Lovells write: On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance. The Framework identifies best practices that property/casualty insurers “should employ” to manage…
Will this Utah proposal quash lawsuits from victims of data breaches?
Art Raymond reports: Should consumers have the right to sue a company that allows their personal information to be stolen by data thieves? Under a proposal moving quietly through the 2021 Utah legislative session, the bar for filing such a lawsuit would be raised considerably in the event that a company has taken at least…
CT AG Tong Seeks Update To Data Breach Notifications
Attorney General William Tong testified last week before the General Law Committee in support of two pieces of legislation sought by the Office of the Attorney General to strengthen the state’s price gouging and data breach notification statutes. Data Breaches An Act Concerning Data Privacy Breaches, House Bill 5310, was sought by the Office of…