Cynthia Larose and Amy Malone describe recent changes to Vermont’s law that strengthens some consumer protections: Effective as of May 8, 2012, Vermont’s updated data breach law (Act 109) brings along several changes. The biggest change is in the notification requirements. Notification to consumers must now occur no later than 45 days after discovery of the incident and must…
Category: State/Local
OH: Legislation proposal would require online security breaches to be reported
Jim Siegel reports that Rep. John Patrick Carney is planning to introduce a law requiring state agencies, businesses, and institutions to report any database security breach to the Ohio attorney general’s office if any Ohio resident’s personal information was accessed. Notification would have to be made within 40 days of discovery of a breach. Ohio…
NJ assembly passes bill requiring information stored on copy machines, scanner be deleted
In an effort to combat identity theft, a bill that would require information stored on copier machines and scanners used by consumers be wiped clean has passed the New Jersey Assembly. Democrats Paul Moriarty, Herb Conaway, M.D., and Dan Benson sponsored to combat identity theft by requiring the hard drives of all digital copy machines…
Maryland legislature passes law to help prevent child identity theft
Maryland lawmakers have approved a first-of-its-kind measure to enable parents to protect their children from having their credit damaged by identity theft. The measure, which a spokeswoman for Gov. Martin O’Malley says he is likely to sign, will allow parents to take the step of freezing their child’s credit at any time. Read more from…
Final phase of Mass. data protection law kicks in March 1
Jaikumar Vijayan reports: All companies storing personal data on Massachusetts residents have just over a month to ensure that their contractors, suppliers, technology providers and other third parties comply with a provision of a state data breach law that went into effect in March 2010. The law (download PDF) is designed to ensure that companies holding data…
Pa. Senate OKs bill requiring heads up on data breaches
The Pennsylvania Senate has unanimously passed legislation that would require state and local government agencies to notify the public of data breaches involving personal information within one week. Majority Leader Dominic Pileggi said he drafted the measure, Senate Bill 162, after three separate thefts of state-owned computers with personal information. Pileggi said that even though…