Category Archives: Security Breach Notification Laws

Subscribe to Security Breach Notification Laws RSS Feed

Massachusetts Is 39th State to Mandate Breach Notification

By Proskauer Rose on August 16, 2007 Posted in Security Breach Notification Laws

Massachusetts is now the 39th state to enact a personal data breach notification law. On August 2, Governor Deval Patrick signed the law, requiring that businesses and government agencies notify residents of data breaches in certain situations. … Continue Reading

Breach Law Data

By Proskauer Rose on August 3, 2007 Posted in Identity Theft, Security Breach Notification Laws

We thought it might be helpful to provide citations to the 37 state (plus D.C. and Puerto Rico) breach notification laws that cover private entities (Oklahoma's law, that only addresses state agencies, is not included). We also provide links, or uploaded copies, where available. … Continue Reading

Oregon Becomes 38th State to Adopt Breach Notification Law

By Proskauer Rose on July 31, 2007 Posted in Security Breach Notification Laws

On July 12th, Oregon Governor Theodore R. Kulongoski signed into law S.B. 583, an omnibus data security bill scheduled to take effect on October 1. Oregon is the 38th state to enact a breach notification law. … Continue Reading

Consumer Unable to Demonstrate Injury Based on Credit Monitoring Costs in Data Breach Case

By Proskauer Rose on June 14, 2007 Posted in Identity Theft, Security Breach Notification Laws

A recent decision from the Southern District of Ohio echoes prior decisions of district courts addressing negligence claims against companies that have experienced a data breach. The court held that the cost of obtaining credit monitoring services does not count as damages without evidence of identity fraud. Kahle v. Litton Loan Servicing LP, case no. 1:05cv756. … Continue Reading

In Response To TJX Data Breach, One State Enacts Legislation Imposing New Security and Liability Obligations; Similar Bills Pending in Five Other States

By Proskauer Rose on May 29, 2007 Posted in Security Breach Notification Laws

Lawmakers in six states have responded quickly to the massive data breach at TJX Companies, Inc. with various bills designed to strengthen merchant security and/or render companies liable for third party companies’ costs arising from data breaches. These latest bills – introduced in California, Connecticut, Illinois, Massachusetts, Minnesota and Texas – represent a new front of … Continue Reading

New York Attorney General Tags Worker’s Compensation Claims Service Provider for Seven Week Delay in Security Breach Notification

By on May 11, 2007 Posted in Security Breach Notification Laws

On April 26, 2007, New York Attorney General Andrew Cuomo announced that his office entered into a settlement with CS STARS LLC for violating the state’s Information Security Breach and Notification Law, which is codified at N.Y. Gen. Bus. Law § 899-aa. Cuomo’s office targeted CS STARS for delaying, for seven weeks, the issuance of legally … Continue Reading

110th Congress Proposes Sweeping Federal Data Security Legislation

By Proskauer Rose on March 6, 2007 Posted in Security Breach Notification Laws

This entry sumarizes the four major pieces of data privacy and breach notification bills introduced thus far by the 110th Congress. … Continue Reading

New Congress May Seek To Preempt State Data Privacy Laws

By Proskauer Rose on December 21, 2006 Posted in Security Breach Notification Laws

A number of recent developments indicate that the 110th Congress, to be seated in January, may seek to federalize data privacy laws and preempt state legislation in that area. Several data security bills were introduced in the 109th Congress; however, to date, none have passed. Sen. Patrick Leahy of Vermont, the incoming chair of the … Continue Reading