The Florida Information Protection Act of 2014 was approved by Governor Rick Scott on June 20. It has some commendable features (not all of which are new under Florida law), but I also spot some concerns. On a positive note: 1. It uses an access trigger instead of an acquisition trigger for notification. 2. It now…
Category: State/Local
Los Angeles County moves to require computer encryption after medical data breach
Abby Sewell reports: Following a break-in at a county health contractor’s office that led to the theft of computers containing personal information about more than 342,000 patients, Los Angeles County supervisors moved to tighten protocols for protecting data. The county already requires that workers’ laptops be encrypted. The supervisors voted Tuesday to extend that policy…
Iowa amends data breach law to cover paper records and to create central reporting
Mark Wolski of Bloomberg BNA reports: April 8 –Iowa Gov. Terry Branstad (R) recently signed legislation (S.F. 2259) that amends the state’s data breach notification law to require covered entities to notify the state attorney general of breaches affecting more than 500 Iowans. Under the measure, covered entities must notify the attorney general within five…
KY: Cyber-security breach notification bill goes to governor
Gregory A. Hall reports: The bill to require public agencies to notify people whose personal information has been compromised in a cyber-security breach got final approval from the House on Friday and now will go to Gov. Steve Beshear. The House concurred in the changes made by the Senate on House Bill 5, the cyber-security…
Ohio AG seeks harsher ID theft penalties for those victimizing service members
The AP reports: Ohio’s attorney general and two state lawmakers are pushing for harsher penalties against scammers who commit identity fraud and other theft crimes against active-duty service members and their spouses. The bill from Republican state Reps. Mike Dovilla and Terry Blair amends the current identity fraud and theft laws to increase penalties for…
RI: AG Kilmartin Legislation Would Give Victims of Data Breaches One Free Year of Credit Monitoring
Citing the increasing rate in which consumers information is compromised due to data breaches at companies, Attorney General Kilmartin has authored legislation that would, among other things, require that entities who disclose a breach to a victim who is a Rhode Island resident must provide one year of credit monitoring at no cost to the…