Tag Archives: Oregon

Oregon Amends Data Breach Notification Law to Include Vendor Obligations; Expanded Definition of Personal Information

As we recently noted, Washington state amended its data breach notification law on May 7 to expand the definition of “personal information” and shorten the notification deadline (among other changes). Not to be outdone by its sister state to the north, Oregon followed suit shortly thereafter—Senate Bill 684 passed unanimously in both legislative bodies on … Continue Reading

Maryland Restricts Employer Use of Credit History Information

On April 12, 2011, Maryland Governor Martin O’Malley signed into law S.B. 132/H.B. 87. Under this law, Maryland employers, except in limited circumstances, are prohibited from using an individual’s consumer credit history for hiring or other employment purposes.  Beginning October 1, 2011,  employers are prohibited from using credit report data to deny employment, discharge an employee, … Continue Reading

Wondering What To Do With Your “Electronic Waste”?

A new law in New York (eff. April 1, 2011) and a flurry of bills across the country (New Jersey, Nevada, Florida, Connecticut and Oregon) are aimed at requiring businesses to deal with their electronic waste in one form or another. Before discarding that old laptop, businesses should make sure they do so securely and in accordance with applicable state law.… Continue Reading

State Law Developments for Credit and Criminal Background Checks

Recent state law developments will affect whether and to what extent certain employers can conduct credit and criminal background checks on employees and applicants. Employers, particularly multi-state employers, should be sure to review these new requirements and adjust their practices accordingly. Massachusetts The Commonwealth has changed how employers access and use criminal offender record information … Continue Reading

WISPs Beyond Massachusetts

Over the past few months, many businesses, particularly in the Northeast Region, have been focusing on creating a written information security program (WISP) to comply with Massachusetts identity theft regulations that went into effect March 1, 2010. For many, this has been a significant effort, reaching most, if not all, parts of their organizations. However, … Continue Reading
LexBlog