Privacy Law Blog

Tag Archives: PCI DSS

Bellwether or Bust? Washington Governor Signs Payment Card Data Breach Liability Provisions Into Law

On March 22, 2010, Washington Governor Christine Gregoire signed H.B. 1149 into law, making her state the second behind Minnesota to hold businesses and governmental entities responsible to financial institutions for certain costs arising from payment card information breaches. As of July 1, entities that process more than 6 million credit or debit card transactions annually who fail to reasonably safeguard card information can be required to reimburse financial institutions for the costs related to the re-issuance of cards as well as attorneys fees and costs in the event that a security breach involving payment card information is a proximate result. … Continue Reading

In Response To TJX Data Breach, One State Enacts Legislation Imposing New Security and Liability Obligations; Similar Bills Pending in Five Other States

Lawmakers in six states have responded quickly to the massive data breach at TJX Companies, Inc. with various bills designed to strengthen merchant security and/or render companies liable for third party companies’ costs arising from data breaches. These latest bills – introduced in California, Connecticut, Illinois, Massachusetts, Minnesota and Texas – represent a new front of … Continue Reading
LexBlog