State/Local – Page 20 – WindowsTechs.com

NM: Data Breach Notification Passes Senate Committee

Posted on March 10, 2017 by Dissent

Carol A. Clark writes: This afternoon, the Senate Public Affairs Committee unanimously passed House Bill 15, known as the Data Breach Notification Act. The legislation is sponsored by Republican Rep. Bill Rehm of Bernalillo. House Bill 15 would require… Continue reading NM: Data Breach Notification Passes Senate Committee→

Missouri proposal requires schools to tell you when child’s information stolen

Posted on March 5, 2017 by Dissent

Stephanie Garland reports: Right now the state auditor said hackers can steal your sensitive information and school districts do not have to tell you. That could change this August before some schools start. […] If passed, a new bill would change that and require school districts to report data breaches to parents and the […] Continue reading Missouri proposal requires schools to tell you when child’s information stolen→

State Data Breach Notification Laws: February 2017 Privacy Update

Posted on February 17, 2017 by Dissent

Cynthia J. Larose and Michael B. Katz of Mintz Levin write: During 2016, amendments to breach notification laws in five states went into effect (California, Nebraska, Oregon, Rhode Island and Tennessee). And by the end of last year, well over twenty states had introduced or were considering new regulations or amendments to their existing security breach […] Continue reading State Data Breach Notification Laws: February 2017 Privacy Update→

Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses

Posted on January 6, 2017 by Dissent

Mark L. Krotoski and W. Scott Tester of Morgan Lewis remind entities that duty to notify of a breach depends on state definitions of “personal information,” and more states are now including usernames or email addresses as personal information: Illinois, Nebraska, and Nevada are the latest to add usernames or email addresses to the definition […] Continue reading Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses→

Hooray for transparency: Massachusetts puts data breach archive online

Posted on January 3, 2017 by Dissent

The state’s announcement: The Office of Consumer Affairs and Business Regulation today announced the online public availability of its Data Breach Notification Archive. The Massachusetts Data Security Law (M.G.L. c.93H) requires any entity that keeps a Massachusetts resident’s personal information to notify affected residents, the Office of Consumer Affairs and Business Regulation, and the Attorney […] Continue reading Hooray for transparency: Massachusetts puts data breach archive online→

NY financial regulator to delay cyber security rules

Posted on December 23, 2016 by Dissent

Suzanne Barlynne reports: New York’s financial regulator will delay an anticipated Jan. 1 deadline for banks and insurers doing business in the state to comply with controversial cyber security rules, a person familiar with the matter said. The regulator, the New York State Department of Financial Services, will publish a revamped version of its cyber […] Continue reading NY financial regulator to delay cyber security rules→

CT: Bristol Board of Ed adopts new student data security policy

Posted on December 15, 2016 by Dissent

Susan Corica reports: The Board of Education has adopted a new policy to protect the privacy of student data, to comply with new state legislation. […] Under the new policy, “for any contract that we generate, after Oct. 1 of 2016, we need to have a clause in there that tells us exactly how they […] Continue reading CT: Bristol Board of Ed adopts new student data security policy→

Bryan Cave Data Security Breach Handbook – 2016

Posted on November 22, 2016 by Dissent

From Bryan Cave, this free resource on Incident Readiness and Response: Since the first publication of this handbook in 2014, the legal ramifications for mishandling a data security incident have become more severe. In the United States, the number of federal and state laws that claim to regulate data security has mushroomed. The European Union has also […] Continue reading Bryan Cave Data Security Breach Handbook – 2016→

New York State Proposes Cybersecurity Regulation for Financial Services Institutions

Posted on September 16, 2016 by Dissent

Micaela McMurrough, Ashden Fein and Catlin Meade write: On September 13, 2016, New York Governor Andrew Cuomo announced a proposed regulation that would require financial service institutions to develop and implement cybersecurity programs to prevent and mitigate cyber-attacks. The proposed regulation will be subject to a 45-day comment period once it is published in the New York State […] Continue reading New York State Proposes Cybersecurity Regulation for Financial Services Institutions→

Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way

Posted on September 3, 2016 by Dissent

Michael B. Katz and Cynthia J. Larose of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. write: … According to a recent summary published by the National Conference of State Legislatures, more than 25 states in 2016 have introduced or are currently considering security breach notification bills or resolutions. While much legislation remains pending in statehouses across the […] Continue reading Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way→