Jason C. Gavejian writes: On January 1, 2015, Delaware employers who dispose of records which contain the unencrypted personal identifying information of employees must take steps to ensure the privacy of such information. The bill, H.B. 294, was recently signed by Delaware’s Governor Jack Markell. Delaware also enacted a companion bill, H.B. 295, in July which imposed the…
Category: State/Local
Delaware Adopts Law Requiring the Destruction of Consumers’ Personally Identifiable Information.
Steven Caponi and Elizabeth Sloan of Blank Rome LLP write: On July 1, 2014, Delaware Governor Jack Markell signed into law Delaware House Bill 295, which amends Section 6 of the Delaware Code relating to trade and commerce. The new law, 6 Delaware Code §§50C-101 thru 50C-401, places new obligations on commercial entities with respect…
Some comments on the Florida Information Protection Act of 2014
The Florida Information Protection Act of 2014 was approved by Governor Rick Scott on June 20. It has some commendable features (not all of which are new under Florida law), but I also spot some concerns. On a positive note: 1. It uses an access trigger instead of an acquisition trigger for notification. 2. It now…
Los Angeles County moves to require computer encryption after medical data breach
Abby Sewell reports: Following a break-in at a county health contractor’s office that led to the theft of computers containing personal information about more than 342,000 patients, Los Angeles County supervisors moved to tighten protocols for protecting data. The county already requires that workers’ laptops be encrypted. The supervisors voted Tuesday to extend that policy…
Iowa amends data breach law to cover paper records and to create central reporting
Mark Wolski of Bloomberg BNA reports: April 8 –Iowa Gov. Terry Branstad (R) recently signed legislation (S.F. 2259) that amends the state’s data breach notification law to require covered entities to notify the state attorney general of breaches affecting more than 500 Iowans. Under the measure, covered entities must notify the attorney general within five…
KY: Cyber-security breach notification bill goes to governor
Gregory A. Hall reports: The bill to require public agencies to notify people whose personal information has been compromised in a cyber-security breach got final approval from the House on Friday and now will go to Gov. Steve Beshear. The House concurred in the changes made by the Senate on House Bill 5, the cyber-security…