Tag Archives: data breach notification law

South Dakota Becomes 49th State to Enact a Data Breach Notification Law

Photo of Sara GoldsteinBy Sara Goldstein on Posted in Data Breach Notification Laws
One of two remaining states without a data breach notification law has finally enacted one of its own. On March 21, 2018, South Dakota Governor Dennis Daugaard signed South Dakota Senate Bill 62 into law, creating the newest state data breach notification law, making Alabama the last holdout. South Dakota’s new statute, which will be … Continue Reading

State Data Breach Notification Requirements Specifically Applicable to Insurers

Photo of Patrick H. HaggertyBy Patrick H. Haggerty on Posted in Data Breach Notification Laws, Data Breaches, State Legislation
Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised. These laws vary, and much has been written about the challenges caused by the differences, including who must comply with the law (e.g., persons, businesses, information brokers, government entities, covered … Continue Reading

Wyoming Broadens Data Breach Notification Law

By Charles Shih and Will R. Daugherty on Posted in Data Breach Notification Laws
Wyoming recently joined the list of states passing laws that broaden the scope of their data breach notification laws. On March 2, 2015, Wyoming signed into law two bills (S.F. 35 and S.F. 36) that expand the definition of personally identifiable information (PII) and require additional minimum content requirements for notifications to affected individuals. Specifically, … Continue Reading

Vermont Grocery Store Agrees to Settlement with Attorney General for Alleged Violation of State Data Breach Response Laws

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Data Breach Notification Laws, Data Breaches
Co-authored by: Charles K. Shih Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory period required by Vermont’s Security Breach Notice Act and Consumer Protection Act. Natural Provisions, Inc. … Continue Reading

SEC To Issue Stronger Cybersecurity Guidance?

Photo of Robert OestreicherBy Robert Oestreicher on Posted in Cybersecurity, Data Breach Notification Laws
In February we wrote about whether Facebook’s IPO would set the tone under the SEC’s then-relatively new cybersecurity disclosure guidance. In subsequent months, it has become apparent that this guidance is still not yielding the level of disclosure on cybersecurity matters that regulators want. This is especially true with respect to the disclosure of past … Continue Reading

Connecticut to Require Notice to Attorney General Following a Breach

By Kimberly M. Wong on Posted in Breach Notification, Data Breach Notification Laws, Enforcement
Connecticut has been in the forefront in protecting the personal information of its residents.  In July 2010, in the first action by a state attorney general for violations of HIPAA since HITECH authorized state attorneys general to enforce HIPAA, a settlement was reached between HealthNet and the state of Connecticut – stemming from a May … Continue Reading
LexBlog