New Data Breach Law In Connecticut Begins October 1
Thursday, September 20, 2012
A new data breach law goes into effect in Connecticut on October 1. The Connecticut Attorney General office announced:
"Connecticut law generally requires anyone who conducts business in Connecticut and who – in the ordinary course of business – owns, licenses or maintains computerized data that includes personal information to disclose a security breach without unreasonable delay to state residents whose personal information is believed to have been compromised. Failure to provide such notice could be considered a violation of the Connecticut Unfair Trade Practices Act (CUTPA)."
The new law includes an email address for companies to report breaches directly to the Connecticut AG office. Previously, companies were required to notify only consumers affected by data breaches. Now, companies must notify both breach victims and the state.
You can follow this conversation by subscribing to the comment feed for this post.