Scarinci Hollenbeck, LLC

201-896-4100 info@sh-law.com

Is a Federal Data Breach Notification Law on the Horizon?

Author: Scarinci Hollenbeck, LLC|April 18, 2014

Is a Federal Data Breach Notification Law on the Horizon?

Nearly all 50 states have data breach notification laws in place. Generally, these laws dictate how private and government entities must notify individuals of data breaches involving personally identifiable information, commonly referred to as PII.

However, when a widespread data theft occurs and impacts customers across the country, there is no singular response procedure required. The lack of a single federal response statute puts both companies and consumers at a disadvantage. Most notably, corporations must comply with a patchwork of local and federal legislation rather than one federal standard. For consumers, this often slows down the notification process considerably.

In the wake of the high-profile Target data breach, Attorney General Eric Holder called on Congress to create a strong, national standard for quickly notifying consumers that they may have fallen victim to a cyberattack.

Holder stated in a press release: “Today, I’m calling on Congress to create a strong, national standard for quickly alerting consumers whose information may be compromised. This would empower the American people to protect themselves if they are at risk of identity theft. It would enable law enforcement to better investigate these crimes – and hold compromised entities accountable when they fail to keep sensitive information safe. And it would provide reasonable exemptions for harmless breaches, to avoid placing unnecessary burdens on businesses that do act responsibly.”

At least one bill is currently pending in Congress. The Data Security Act, sponsored by Senators Tom Carper (D-Del.) and Roy Blunt (R-Mo.), includes measures companies must take to protect sensitive customer data as well as methods by which businesses must notify customers when breaches occur. Given the importance of this issue to New York and New Jersey businesses, we will closely monitor proposed data breach notification legislation. In the meantime, we encourage companies to bolster their own internal procedures. For specific tips, please see, Is Your New York Business Prepared to Stop a Data Breach?

If you have any questions about this post or would like to discuss the issues involved, please contact me, Cyber Jurist Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch – Where Law, Technology, & Politics Collide.

 

Is a Federal Data Breach Notification Law on the Horizon?

Author: Scarinci Hollenbeck, LLC

Nearly all 50 states have data breach notification laws in place. Generally, these laws dictate how private and government entities must notify individuals of data breaches involving personally identifiable information, commonly referred to as PII.

However, when a widespread data theft occurs and impacts customers across the country, there is no singular response procedure required. The lack of a single federal response statute puts both companies and consumers at a disadvantage. Most notably, corporations must comply with a patchwork of local and federal legislation rather than one federal standard. For consumers, this often slows down the notification process considerably.

In the wake of the high-profile Target data breach, Attorney General Eric Holder called on Congress to create a strong, national standard for quickly notifying consumers that they may have fallen victim to a cyberattack.

Holder stated in a press release: “Today, I’m calling on Congress to create a strong, national standard for quickly alerting consumers whose information may be compromised. This would empower the American people to protect themselves if they are at risk of identity theft. It would enable law enforcement to better investigate these crimes – and hold compromised entities accountable when they fail to keep sensitive information safe. And it would provide reasonable exemptions for harmless breaches, to avoid placing unnecessary burdens on businesses that do act responsibly.”

At least one bill is currently pending in Congress. The Data Security Act, sponsored by Senators Tom Carper (D-Del.) and Roy Blunt (R-Mo.), includes measures companies must take to protect sensitive customer data as well as methods by which businesses must notify customers when breaches occur. Given the importance of this issue to New York and New Jersey businesses, we will closely monitor proposed data breach notification legislation. In the meantime, we encourage companies to bolster their own internal procedures. For specific tips, please see, Is Your New York Business Prepared to Stop a Data Breach?

If you have any questions about this post or would like to discuss the issues involved, please contact me, Cyber Jurist Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch – Where Law, Technology, & Politics Collide.

 

Firm News & Press Releases

No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.