Late last year we reported Indiana Attorney General Greg Zoeller was seeking legislation which would better protect the online personal and financial information of Indiana residents. That legislation, S.B. 413, was unanimously passed by the Indiana Senate on February 24, 2015. Indiana’s bill follows similar efforts in New Jersey, New York and Oregon.
As previously mentioned, the Indiana bill would amend the state’s current data breach notification law by (i) imposing stricter requirements for the safe storage of sensitive data, (ii) reducing harm to consumers following a data breach, and (iii) increasing transparency of online privacy policies. Importantly, S.B. 413 would expand Indiana’s existing law to include protected data in all formats, as opposed to just unencrypted computerized data.
One of the bill’s sponsors, Sen. James Merritt (R), said “[d]ata breaches and identity theft are serious crimes and have become more common as technology advances. By passing this legislation, we’re taking steps to ensure consumers feel confident and protected when conducting business online.”
The measure will now head to the Indiana House of Representatives for consideration.