Posts Tagged ‘state data protection law’

A Twist Within a New State Breach Notice Law: Maryland’s Also Requires Information Security Safeguards

Monday, May 28th, 2007

Here’s something that you don’t see in other states…
On May 17, Maryland Governor Martin O’Malley signed into law two identical bills, one from the House and one from the Senate, that require businesses to notify state residents if their unencrypted or unredacted personal information, whether in electronic or paper form, is breached. In addition to mandating breach notification, the new law contains data security and data destruction requirements for companies doing business in the state.

(more…)

More Reason to Strengthen Information Security: New MN Law Restricts How Long Merchants Can Retain Purchase Information

Monday, May 28th, 2007

To date we have at least 37 U.S. states that have enacted breach notice laws, (Maryland’s new breach notice law was signed May 17th), but these address how to react AFTER personally identifiable information (PII) has been compromised. Multiple federal-level bills proposed but none yet passed.

(more…)

Many New U.S. State and Federal Privacy Bills Introduced, and Some New State Data Protection Laws Signed

Monday, May 21st, 2007

Boy oh boy, do we ever need a comprehensive federal data protection law in the U.S.! Each week more and more state level laws are introduced, many of them passed, all dealing with different aspects of data protection, and all impacting and complicating an information security and privacy professional’s responsibilities.
This past week was a busy one with a flurry of new and updated bills related to protecting privacy introduced, and a few new state laws.

(more…)