Thomas S. Markey writes: On Feb. 19, a bill was introduced in the Pennsylvania Senate proposing to amend the Pennsylvania Breach of Personal Information Notification Act to add new breach notification requirements for state agencies and political subdivisions of the commonwealth. Enacted in 2005, the act (73 P.S. Section 2301 et seq.) applies to commonwealth…
Category: State/Local
District of Columbia Introduces Legislation on Data Privacy
Sydny Shepard reports: District of Columbia Attorney General Karl A. Racine has introduced the Security Breach Protection Amendment Act of 2019, which would modernize the District’s data breach law and strengthen protections for residents’ personal information. Racine introduced the bill in response to the major data breaches that have put tens of millions of consumers,…
Happy First Day of Spring! Ohio Insurance Law Effective Today
Amber Thomson, Liisa Thomas, Elfin Noce, and Kari Rollins of SheppardMullin write: Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273,applies to insurers authorized to do business in Ohio and goes into effect today, March 20,…
Data Breach Reporting Obligations in Saskatchewan
David Krebs and Jacey Safnuk of Miller Thomson LLP write: … Data breach reporting obligations in Saskatchewan are influenced by a total of four relevant pieces of legislation, covering both public and private sectors. These laws will not all apply to every potential breach, of course, but it is crucial for organizations to understand that more…
California to close data breach notification loopholes under new law
Zack Whittaker reports: California, which has some of the strongest data breach notification laws in the U.S., thinks it can do even better. The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the requirements for companies to notify…
No Damages Required to Sue Under Illinois Biometric Information Privacy Act
Anjali C. Das, Brian Dollar, Stefanie L. Ferrari, and David H. Potter of Wilson Elser Moskowitz Edelman & Dicker LLP write: …. Following the rise of the use of biometric information, the Illinois Legislature passed the Biometric Information Privacy Act (BIPA) in 2008 to provide standards of conduct to help regulate how biometric information is collected,…