Canadian Privacy Commissioner Introduces Graphic Novel To Help Youth Safely Use the Internet With Mobile Devices
Consumers Pay With Methods Other Than Cash

Vermont Updates Its Breach Notification Law

On May 8, 2012, the State of Vermont amended its Security Breach Notice Act. was amended. The changes included:

  • The breach can be either a known unauthorized acquisition, or a "reasonable belief of an unauthorized acquisition..."
  • Breach notice must be provided to Vermont residents within 45 days after discovery of the breach
  • Breach notice must be given to the Vermont Attorney General with 14 business days of the date the breach was discovered, or the date affected Vermont residents were notified
  • Breach notice must include the date discovered, a description of the breach, the number of Vermont residents affected, and a copy of the notice sent to affected Vermont resident
  • Textual changes to make the law's description of sensitive personal information consistent with the industry-standard, PII (Personally Identifiable Information)

Breach notice to affected Vermont residents must describe the incident, the date of the breach, the types of personal data lost/stolen, and methods to protect sensitive personal data from further breaches

Download the amended Vermont Security Breach Notice Act (Adobe PDF).


Feed You can follow this conversation by subscribing to the comment feed for this post.


Thanks for posting those tips, I'm sure they'll come in handy for everyone. And nice job getting the top spot on the high scores!

The comments to this entry are closed.