Sammantha Tillotson and Casie Collignon of BakerHostetler write: In January 2018, Colorado legislators sponsored a bill that, if passed, will change the state’s existing data breach reporting laws in important ways. A House Committee Report detailing the current version of the bill can be found here. The bill would create a new statute, C.R.S. §…
Category: State/Local
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
Alabama Senates Passes Data Breach Notification Act
Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
N.C. Attorney General, State Representative Drafting Bipartisan Bill To Combat Security Breaches
Kathleen Bradshaw Burchette of Nexsen Pruet writes: While some may be wringing their hands over members of the legislature who just can’t seem to get along, North Carolinians have reason to hope that bipartisanship is not a thing of the past. On Jan. 8, 2018, Democratic Atty. Gen. Josh Stein and Republican State Rep. Jason Saine said…
Oregon, New York, Alabama, and Rhode Island Join List of States Considering Data Breach Legislation Post-Equifax
David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: In the absence of federal action, state legislators continue to propose bills that would increase data privacy and security protections for consumers. Any entity that does business in these states or maintains confidential information of their residents should monitor the legislation to determine whether and how…
“Misguided” hacking bill threatens to ice security researchers, say critics
Lisa Vaas reports: The US state of Georgia is considering anti-hacking legislation that critics fear could criminalize security researchers. The bill, SB 315, was drawn up by state senator Bruce Thompson in January, has been approved by the state’s senate, and is now being considered by its house of representatives. The bill would expand the…