Tag Archives: personal information

Delaware: The Latest State to Amend its Data Breach Notification Law

Delaware joins the growing number of states that recently amended their data breach notification law. On August 17th, Delaware amended its data breach notification law with House Bill 180, the first significant change since 2005, effective 240 days after enactment (on or about April 14, 2018).  Delaware maintains the state law trend of requiring businesses … Continue Reading

Nevada Updated Its Definition of Personal Information, Have You?

When businesses set out to safeguard “personal information,” a fundamental consideration is what that term means. Likewise, when negotiating a third-party vendor agreement, it typically is not enough to rely on the standard definition for “confidential information.” Recently, Nevada and other states have updated their definitions of personal information in connection data breaches notification and … Continue Reading

FCC Settles First Data Security Action

UPDATE:  The Federal Communications Commission (FCC) has reached a settlement with two telecom companies in connection with allegations the telecom companies violated the law regarding the privacy of phone customers’ personal information. As we previously reported and discussed, in October 2014 the FCC initiated its first data security case against TerraCom, Inc. and YourTel America, … Continue Reading

FCC Issues First Data Security Fine

On October 24, 2014, the Federal Communications Commission (FCC) announced its intention to fine two telecom companies $10 million for several violations of laws protecting the privacy of phone customers’ personal information.  This marks the FCC’s first data security case and the largest privacy action in the FCC’s history. According to the FCC, TerraCom, Inc. … Continue Reading

Delaware Joins List of States Regulating Data Disposal

On January 1, 2015, Delaware employers who dispose of records which contain the unencrypted personal identifying information of employees must take steps to ensure the privacy of such information.  The bill, H.B. 294, was recently signed by Delaware’s Governor Jack Markell. The new law defines personal identifying information as an employee’s first name or first initial … Continue Reading

Best Practices For Gramm-Leach-Bliley Compliance

The U.S. Commodity Futures Trading Commission (Commission) issued a Staff Advisory on best practices for financial institutions that must comply with Gramm-Leach-Bliley Act (GLBA) provisions on data security and customer privacy. GLBA was enacted to ensure that financial institutions respect the privacy of their customers and protect the security and confidentiality of nonpublic personal information.  Specifically, … Continue Reading

New Jersey Settles Alleged COPPA Violation

In a recent consent order, the New Jersey Division of Consumer Affairs settled an investigation involving Dokogeo, Inc., a California based mobile application developer. Under the Children’s Online Privacy Protection Act (“COPPA”) websites and online services which collect information from children younger than 13 are subject to certain parental notice and consent requirements. In the Dokogeo … Continue Reading

California Considers Broader and Tougher Data Disclosure Requirements for Use of Customer Personal Information

In the face of increasing incidences of and rising public concern regarding identity theft, the California Legislature is considering a bill with new personal information data disclosure requirements for California businesses and a broad definition of what constitutes personal information. California Assembly Bill 1291, would require businesses who have customer personal information and have disclosed … Continue Reading

Don’t Mess With Texas–Amended Law Imposes Breach Notification Obligations In All 50 States

In a novel approach to data breach notification requirements, Texas has amended its breach notification law (Business & Commerce Code, Section 521.053) to require notification to residents of not only Texas, but to residents of each of the 50 states.  The amendment becomes effective September 1, 2012, and applies to “all persons who conduct business … Continue Reading

California and Massachusetts Legislatures Push Data Breach and Security Bills

In distinct efforts to strengthen data security requirements, the California and Massachusetts legislatures recently passed bills affecting data breach notification requirements and data security notification, respectively.   On April 14, 2011, the California senate approved S.B. 24, requiring California businesses and agencies to notify the state attorney general if more than 500 California residents are notified … Continue Reading
LexBlog