Security breach laws typically have provisions regarding who must comply with the law (e.g., businesses, data/ information brokers, government entities, etc); definitions of “personal information” (e.g., name combined with SSN, drivers license or state ID, account numbers, etc.); what constitutes a breach (e.g., unauthorized acquisition of data); requirements for notice (e.g., timing or method of notice, who must be notified); and exemptions (e.g., for encrypted information). All 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands, according to the National Conference of State Legislatures survey, have enacted legislation requiring private or governmental entities to notify individuals of security breaches of information involving personally identifiable information.
- Law Library of Congress Publishes Guide to Compiling a Federal Legislative History
- Regulation of Artificial Intelligence in Selected Jurisdictions Around the World
- 2019 Class of the Fastcase 50 Announced
- New York State Announces $5.8 Million Multistate Settlement With LexisNexis Risk Solutions
- Banned from AALL! Our Association Sanctions LexisNexis for Anticompetitive Tying Sales Policy
- Boycotting ICE’s Data Broker at AALL19: It’s a Matter of Conscience for Some
- Trump’s Dangerous Judicial Legacy
- Information Mischief Under the Trump Administration
- Illinois’ cannabis bill is first to incorporate reparations
- Opening: Reference/Business & Finance Librarian
Just in case you don't get it: The views expressed are solely those of the blog post author and should not be attributed to anyone else, meaning they do not necessarily represent the views of any organization that the post author is affiliated with or with the views of any other author who publishes on this blog.
- 220,373 hits