Mark Wolski of Bloomberg BNA reports: April 8 –Iowa Gov. Terry Branstad (R) recently signed legislation (S.F. 2259) that amends the state’s data breach notification law to require covered entities to notify the state attorney general of breaches affecting more than 500 Iowans. Under the measure, covered entities must notify the attorney general within five…
Category: State/Local
KY: Cyber-security breach notification bill goes to governor
Gregory A. Hall reports: The bill to require public agencies to notify people whose personal information has been compromised in a cyber-security breach got final approval from the House on Friday and now will go to Gov. Steve Beshear. The House concurred in the changes made by the Senate on House Bill 5, the cyber-security…
Ohio AG seeks harsher ID theft penalties for those victimizing service members
The AP reports: Ohio’s attorney general and two state lawmakers are pushing for harsher penalties against scammers who commit identity fraud and other theft crimes against active-duty service members and their spouses. The bill from Republican state Reps. Mike Dovilla and Terry Blair amends the current identity fraud and theft laws to increase penalties for…
RI: AG Kilmartin Legislation Would Give Victims of Data Breaches One Free Year of Credit Monitoring
Citing the increasing rate in which consumers information is compromised due to data breaches at companies, Attorney General Kilmartin has authored legislation that would, among other things, require that entities who disclose a breach to a victim who is a Rhode Island resident must provide one year of credit monitoring at no cost to the…
KY: Data security & breach notification bill sails through House committee
Kevin Wheatley reports: A bill that would improve electronic safeguards at state agencies, including notifying affected individuals of data breaches, flew through a House committee Thursday. The House State Government Committee unanimously passed House Bill 5, which boasts 74 co-sponsors and has been pushed by Kentucky Auditor Adam Edelen after his office released an audit…
U.S. companies allowed to delay disclosure of data breaches
There’s really nothing new in here that regular readers of this blog won’t know already, but Karen Freifeld reports: A decade of lawmaking by U.S. states to ensure consumers are told when their data has been hacked still lets companies such as Target Corp wait weeks or even months to disclose security breaches. Forty-six of…