The State Legislature approved State Senator Joe Simitian´s (D-Palo Alto) SB 20, a bill to strengthen and update California´s landmark privacy protection law. The bill now goes to the Governor, who has until October 11th to sign or veto the legislation. SB 20 builds on previous legislation authored by Simitian, AB 700 (2002), which required…
Category: State/Local
Data security breach notification law update
Hunton & Williams provide a nice roundup of data breach notification law changes during the month of July. On July 1, breach notification laws in Alaska and South Carolina went into effect. On July 9, Missouri became the 45th state to enact a data breach notification law. On July 22, Senator Patrick Leahy reintroduced a…
ID theft bill proposed in Michigan
Identity theft victims will be able to seek compensation for the time and effort it takes to clean up their damaged credit history if legislation proposed by a S.W. Michigan lawmaker becomes law. Representative Matt Lori (R-Constantine) says that the bill updates Michigan law by better defining what constitutes identity theft, and increasing the penalties….
Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements
From the FAQ provided by InfoSecCompliance: What triggers the security breach notice obligations under the Security Law? In order for the breach notice requirements to be triggered under the Security Law two general events must occur (with some sub-requirements discussed further below). First, there must have been a “breach of the security of the system…
Missouri data breach notification law goes into effect soon
Perkins Coie has provided a short synopsis of key requirements of Missouri’s new data breach notification law, which goes into effect on August 28, 2009. ….. In addition to the more common elements of first name or initial and last name in combination with unencrypted Social Security Number, driver’s license number, financial account number, or…
FAQ on Nevada’s Security of Personal Information Law (NRS 603A)
InfoSecCompliance (”ISC”) was recently asked by a prospective client to provide a summary of Nevada’s Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that incorporated the Payment Card Industry Data Security Standard (”PCI”). ISC decided to try something new and create a Frequently Asked Questions document around the…