I've Been Mugged Blog: New Data Breach Law In Connecticut Begins October 1

Study: Small And Medium Sized Businesses Face Growing Data Security Threats

Anthem Blue Cross Settles With California Attorney General Over Data Breach

New Data Breach Law In Connecticut Begins October 1

Thursday, September 20, 2012

A new data breach law goes into effect in Connecticut on October 1. The Connecticut Attorney General office announced:

"Connecticut law generally requires anyone who conducts business in Connecticut and who – in the ordinary course of business – owns, licenses or maintains computerized data that includes personal information to disclose a security breach without unreasonable delay to state residents whose personal information is believed to have been compromised. Failure to provide such notice could be considered a violation of the Connecticut Unfair Trade Practices Act (CUTPA)."

The new law includes an email address for companies to report breaches directly to the Connecticut AG office. Previously, companies were required to notify only consumers affected by data breaches. Now, companies must notify both breach victims and the state.

Posted at 11:28 AM in Breach Notification, Corporate Responsibility, Government, Identity Theft, Legislation | Permalink | Comments (0)

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.