Courtney M. Bowman of Proskauer Rose writes: What would companies need to do to comply with the law? The Stop Hacks and Improve Electronic Data Security (SHIELD) Act imposes requirements in two areas: cybersecurity and data breach notification. The cybersecurity provisions of the proposed SHIELD Act would require companies to adopt “reasonable safe-guards to protect the security,…
Category: State/Local
Colorado Legislature Signals That It May Create More Stringent Data Destruction Regulations and Tighten Breach Reporting Requirements
Sammantha Tillotson and Casie Collignon of BakerHostetler write: In January 2018, Colorado legislators sponsored a bill that, if passed, will change the state’s existing data breach reporting laws in important ways. A House Committee Report detailing the current version of the bill can be found here. The bill would create a new statute, C.R.S. §…
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
Alabama Senates Passes Data Breach Notification Act
Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
N.C. Attorney General, State Representative Drafting Bipartisan Bill To Combat Security Breaches
Kathleen Bradshaw Burchette of Nexsen Pruet writes: While some may be wringing their hands over members of the legislature who just can’t seem to get along, North Carolinians have reason to hope that bipartisanship is not a thing of the past. On Jan. 8, 2018, Democratic Atty. Gen. Josh Stein and Republican State Rep. Jason Saine said…
Oregon, New York, Alabama, and Rhode Island Join List of States Considering Data Breach Legislation Post-Equifax
David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: In the absence of federal action, state legislators continue to propose bills that would increase data privacy and security protections for consumers. Any entity that does business in these states or maintains confidential information of their residents should monitor the legislation to determine whether and how…