States Push Tough Data-Breach Laws

States are stepping in to protect consumers from data breaches.

For example, North Carolina is mulling a bill that would make the state “one of the strictest one of the strictest jurisdictions for data security in the country,” writes the National Law Review.

Among the provisions reported by the National Law Review:

Consumers would have to be notified only 15 days after an incident “This would be 15 days faster than the current earliest deadline for notifying data subjects and would pose significant logistical challenges for any company required to give notice,” the National Review observes.

Credit-reporting agencies hit by data breaches would have to provide five years of free credit reports to victims.

Data breaches would be defined as ransomware attacks in which personal information was accessed.

Meanwhile, the South Dakota Senate has advanced a bill that would require companies to inform state residents whose personal data was exposed in a data breach, according to AP.

The Senate Attorney Judiciary Committee voted 7-0 to advance Attorney General Marty Jackley’s bill, AP continues.

Residents would have to be notified within 60 days of a breach unless the AG and firm decided it would not harm the affected people, AP writes. Also, companies would have to inform the AGs office of any breach affecting over 250 residents. 

Next story loading loading..