On June 15, 2012, Connecticut Governor Dannel P. Malloy signed budget bills H.B. 6001 (pdf) and S.B. 501 into law which, among many other things, updated the state’s data breach notification law.
The key change – persons, including businesses, required to notify residents of the Nutmeg State of a security breach must also notify the State’s Attorney General within the same time frame. Adding a requirement to notify the AG makes Connecticut’s law similar to the laws in states such as Massachusetts, New Hampshire, New York, and Vermont.
This change becomes effective October 1, 2012.