Security breach laws typically have provisions regarding who must comply with the law (e.g., businesses, data/ information brokers, government entities, etc); definitions of “personal information” (e.g., name combined with SSN, drivers license or state ID, account numbers, etc.); what constitutes a breach (e.g., unauthorized acquisition of data); requirements for notice (e.g., timing or method of notice, who must be notified); and exemptions (e.g., for encrypted information). All 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands, according to the National Conference of State Legislatures survey, have enacted legislation requiring private or governmental entities to notify individuals of security breaches of information involving personally identifiable information.
- Information Policy for Information Professionals
- Colorado Caps Insulin Co-Pays at $100/month
- CRS Report: Retroactive Legislation: A Primer for Congress
- The ABA Profile of the Legal Profession on Legal Research Choices and Adoption of Artificial Intelligence-based Tools
- Rethinking the Dual Provider Licensing Equation
- Fastcase, Casetext, ROSS and Reconsidering the Sole Provider Option
- What technology tools rank most important to lawyers in driving efficiency?
- Reinforcing the ‘Crumbling Infrastructure of Legal Research’ Through Court-Authored Metadata
- What is the Current State of Natural Language Generation for Content Creation?
- Ethical Tensions in Using Applied AI Output from Predictive Technology
Just in case you don't get it: The views expressed are solely those of the blog post author and should not be attributed to anyone else, meaning they do not necessarily represent the views of any organization that the post author is affiliated with or with the views of any other author who publishes on this blog.
- 223,953 hits