Monday, February 6, 2017

State Data Breach Notification Statutes: A Year in Review and Preparing for 2017

Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of breach notification legislation.

Several trends have emerged from these recent enactments. States are broadening the definition of “personal information,” redefining content and timing requirements for notification, clarifying the role of encryption in providing a safe harbor, and providing carve-outs for entities compliant with other privacy regulations.

The amendments enacted in Nebraska, Tennessee, and Arizona all took effect in 2016, while the updates in California and Illinois became effective on January 1, 2017.

Learn More

Michael R. Overly, Esq., Partner at Foley & Lardner LLP, will be speaking at the next Inland Southern California Cyber Security Summit (#ISCCS) 2017 in Riverside. Follow us on Twitter @IntelliFlexTeam to receive updates on this event or visit our website at www.iflex.com/events.

Summary of Amendments to State Data Breach Notification Laws in 2016

Source: Foley & Lardner LLP

No comments:

Post a Comment