California Aims to Enhance Breach Notification Law
Tuesday, April 28, 2009 14:55Posted in category News
Dan Kaplan of SC Magazine is reporting that the California State Senate has passed a law (SB-20) that requires companies with data breaches to report (to victims) that a breach has occurred, as well as detailed information describing exactly what TYPE of data was lost.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Chris Merritt says:
April 28th, 2009 at 5:44 pm
Interesting that CA, which started us all down this breach notification path (thankfully), is finally getting around to strengthening the notification requirements to include more than “gee, sorry about that.” Not as tough as (the long delayed) MA law (which _requires_ encryption), but a step in the right direction, IMHO.
If anyone’s interested, I wrote some more about the details on SB-20 in my post at http://blog.lumension.com/?p=976