Alston & Bird write: Oregon has updated its data breach notification statute to broaden the definition of personal information that will trigger notice to individuals and add the requirement to notify the state’s Attorney General of certain breaches. Oregon Governor Kate Brown signed into law SB601 on June 10, and it was enrolled on June 15. The…
Category: State/Local
North Dakota amends data breach notification law
Christin McMeley and Bryan Thompson write: On April 13 North Dakota Governor Jack Dalrymple signed S. 2214 into law, which amended the state’s data breach statute in an attempt to expand the reach of the state’s notification requirements and the range of businesses subject to them. As the law is currently written, North Dakota’s data breach statute…
Nevada expands definition of PI for purposes of the state’s breach and safeguards laws
Morrison & Foerster LLP write: Nevada’s recently amended law will, among other things, create the first state mandate to encrypt online account credentials. Specifically, on May 13, 2015, Nevada Governor Sandoval approved a bill (“AB 179”) to expand the definition of “personal information” for purposes of the state’s security breach notification and personal information safeguards…
The Data Breach Notification That Cried Wolf: How Connecticut’s Overbroad Data Breach Notification Statute Undermines the Effectiveness of Consumer Protection
Jackson Raymond Schipke, Connecticut, 3L Roger Williams University Law School writes: Connecticut’s data breach statute is a wolf in sheep’s clothing. That statute’s definition of “breach of security” is overbroad, encourages over-notification, and undermines the goal of protecting consumers from identity theft. In Connecticut, notification is triggered by mere access of personal information, a statutory…
Why Alabama data breach law won’t apply to banks
Michael Seale reports: Alabama lawmakers are considering a bill that would require businesses and government entities to notify the Alabama Attorney General and impacted individuals about a data security breach. If passed, the bill would make Alabama the 48th state to have a form of data breach notification law. But one group not included in…
Data Security Act Introduced in New York State Assembly
On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards. Read more on Hunton & Williams Privacy & Information Security Law Blog. So far, there does not appear to be any companion or mirror bill…