Michael B. Katz and Cynthia J. Larose of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. write: … According to a recent summary published by the National Conference of State Legislatures, more than 25 states in 2016 have introduced or are currently considering security breach notification bills or resolutions. While much legislation remains pending in statehouses across the…
Category: State/Local
The number of Texas companies held accountable for data breaches?
Shawn Shinneman reports: The Office of the Attorney General hasn’t disciplined a single Texas company for failing to notify customers of a data breach – and records show it is only directly notified of a small portion of the incidents, the Dallas Business Journal has learned. The issue could stem from the way Texas’ cybersecurity…
California Bill Would Add Security Standards to Data Breach Law
Laura Mahoney reports: A California lawmaker has revived a bill to set a “reasonably prudent” standard for businesses to protect personal consumer data, including geolocation and biometric information, in the final two weeks of the legislative session. Assemblyman Mike Gatto (D) amended A.B. 83, a bill that has been dormant for a year, setting new…
Rhode Island Data Breach Update Now Effective
Liisa M. Thomas writes: The Rhode Island updates to its breach law that we previously reported on are now effective. As a reminder, under the amended law, notice is now required 45 days after “confirmation of the breach,” and the Rhode Island attorney general is to be notified if 500 Rhode Island residents are impacted….
Tennessee Breach-Notification Law Indicative of Data-Security Regulators’ Lack of Creativity
David Zetoony of Bryan Cave writes: There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and…
Cybersecurity and Data Privacy: Proposed Legislation Would Substantially Expand and Strengthen New York’s Data Breach Notification Statute
Michael Billok, Christopher Stevens, Clifford Tsan of Bond Schoeneck & King PLLC write: A bill currently pending before the New York State Assembly (A10475) would make a number of significant changes to New York’s data breach notification statute (General Business Law Section 899-aa) in the event that it is passed and signed into law. The…