Bradley Barth reports: More than 5.3 million residents of North Carolina were victims of data breaches in 2017 – an escalating trend that has prompted state Attorney General Josh Stein (D) and state Rep. Jason Saine (R) to introduce newly proposed legislation to prevent further incidents and protect the public. Unveiled on Jan. 8, the…
Category: State/Local
Vermont poised to act on data security
Elizabeth Hewitt reports: Vermont lawmakers are poised to take action to regulate data brokers in the coming months. Data brokers — companies that collect and maintain consumers’ personal information — have been in the spotlight after the credit report giant Equifax revealed that a security breach exposed the private information of millions of Americans. However,…
Businesses Take Note: Updates to Maryland’s Data Breach Notification Law Take Effect January 1, 2018
James Benjamin, Jr. of Pessin Katz Law, P.A. writes: On January 1, 2018, several amendments to the Maryland Personal Information Protection Act, (“MPIPA”) MD Code Ann., Com. Law §14-3501 et seq. will go into effect. Businesses collecting personal information should take note and be prepared. Under the law as amended, the definition of “personal information”…
Ohio Bill Proposes Safe Harbor Against Breach Suits to Businesses Maintaining Recognized Cybersecurity Programs
William Berglund, Robert J. Hanna and Victoria L. Vance of Tucker Ellis write: Maintaining robust cybersecurity measures that meet government- and industry-recognized standards will provide businesses operating in Ohio with a legal defense to data breach lawsuits, if a bill recently introduced in the Ohio Senate becomes law. Ohio Senate Bill No. 220 (S.B. 220),…
In the wake of Equifax, states respond with new legislation
Not surprisingly, states are responding to the Equifax breach, but they are taking different approaches. Here are how two states are responding: Law.com reports that in New York: Attorney General Eric Schneiderman is proposing comprehensive legislation to tighten data security laws and expand protections. The Stop Hacks and Improve Electronic Data Security Act, introduced this…
Delaware House Moves Bill to Expand Data Breach Notice Law
Leslie A. Pappas reports: The Delaware House has moved legislation that would strengthen the state’s data breach notification law. The bill would require any person doing business in Delaware to safeguard personal information. It would expand the definition of personal information to include medical information, biometric data, user names and passwords, passport numbers, routing numbers…