Personal information has become the prey of relentless poachers. In light of the influx of data breaches, state legislatures are taking action.  Not surprisingly, now every state has enacted data breach notification laws, which are triggered when personal information is breached.  Read below for a summary of relevant state legislation recently adopted or laws recently amended that pertaining to data breach notification.

Arizona

Arizona amended its data breach notification law, effective July 21, 2018. This amendment requires companies to notify affected consumers within a 45-day window upon discovery of a data breach. If the data breach impacts more than 1,000 consumers, companies must also notify the state attorney general as well as the three largest consumer credit reporting agencies. The state attorney general can also impose up to $500,000 in penalties for a company’s non-compliance.Continue Reading Updates to State Data Breach Laws

Yesterday Gov. Jerry Brown signed California Consumer Privacy Act of 2018, which grants California residents unprecedented control over the collection, use, and sale of personal information. Many have already speculated that other state legislatures will follow suit and adopt a similar law in their own states, as has occurred in the wake of past California laws on data privacy and security. A copy of the law can be found here.
Continue Reading New California Privacy Law Could Have Nationwide Implications

South Carolina has become the first state to enact cybersecurity legislation for the insurance industry.

On May 3, Governor McMaster signed a bill requiring South Carolina insurers to “develop, implement, and maintain a comprehensive information security program” for their customers’ data. 2017 SC H.B. 4655 (NS). Based on the insurance industry model rules, the South Carolina Insurance Data Security Act has three primary aims: it requires “licensees” to prevent, detect and remediate insurance customer data breaches.Continue Reading South Carolina Requires Cybersecurity Program for Insurance Licensees

Quick to blame a state-sponsored organization, Yahoo announced at least 500 million of their account holders had their information stolen – in 2014.

A statement released on September 22, 2016, by Yahoo’s Chief Information Security Officer, Bob Lord, says that the hackers likely have, “names, email addresses, telephone numbers, dates of birth, hashed passwords (the

Highlighting the importance of cybersecurity in a time of data breaches and cyber attacks that have compromised our national security, privacy, economy, and businesses, President Obama incorporated cybersecurity issues in his recent State of the Union address. He stated:

No foreign nation, no hacker, should be able to shut down our networks, steal our trade