William Berglund, Robert J. Hanna and Victoria L. Vance of Tucker Ellis write: Maintaining robust cybersecurity measures that meet government- and industry-recognized standards will provide businesses operating in Ohio with a legal defense to data breach lawsuits, if a bill recently introduced in the Ohio Senate becomes law. Ohio Senate Bill No. 220 (S.B. 220),…
Category: State/Local
In the wake of Equifax, states respond with new legislation
Not surprisingly, states are responding to the Equifax breach, but they are taking different approaches. Here are how two states are responding: Law.com reports that in New York: Attorney General Eric Schneiderman is proposing comprehensive legislation to tighten data security laws and expand protections. The Stop Hacks and Improve Electronic Data Security Act, introduced this…
Delaware House Moves Bill to Expand Data Breach Notice Law
Leslie A. Pappas reports: The Delaware House has moved legislation that would strengthen the state’s data breach notification law. The bill would require any person doing business in Delaware to safeguard personal information. It would expand the definition of personal information to include medical information, biometric data, user names and passwords, passport numbers, routing numbers…
States Take Action! New Mexico, Tennessee and Virginia Pass New Data Breach Legislation
Michael B. Katz and Cynthia J. Larose of Mintz Levin write: After a quiet winter there has been significant activity in state legislatures to enact, strengthen or clarify their data breach notification statutes. The latest happenings are summarized below and we have updated our “Mintz Matrix” to reflect these new and pending laws. Read more…
Virginia Adds Notification Requirements for Payroll Incidents to Breach Law
Liisa M. Thomas, Robert H. Newman, and Eric J. Shinabarger of Winston Strawn LLP write: With little fanfare, Virginia recently amended its data breach notification law, requiring employers and payroll service providers to notify the Virginia Attorney General if they are subject to a W2 phishing scam. More specifically, the law requires that they notify…
New Mexico passes data breach notification and protection bill
Erich Falke writes: Then there were two. On March 16, 2017, the New Mexico state legislature passed a bill requiring that New Mexico residents be notified if their “personal identifying information” was affected by a breach of electronic data. Upon signature of the bill, New Mexico will join 47 other states requiring such notification, and the only…