Security Breach Notification
|Last Updated September 25, 2011|
As recently as 2005, if a company or government agency had a security breach that compromised customers' personal information, there was little chance those customers would hear about it. Times have certainly changed. The first U.S. law requiring notice of security breaches was enacted in California in 2002. It wasn't until a much-publicized breach at ChoicePoint in 2005, however, that the issue received much attention and other states began to follow California's lead. Over forty states have notice laws covering businesses, government agencies or both. Federal bank regulators have also published guidance to financial institutions as to when and how consumers should be notified of a security breach at their institution. These laws, and the bank guidance, vary from each other in many ways:
In Europe, the European Data Protection Supervisor has announced support for the creation of a security breach notification requirement for EU member states.
Companies that handle or store personal information can find information on LawServer about liability for security breaches, data security laws, special requirements for financial institutions and the special handling of credit reports.
If you have received a notice of a security breach, be sure to read about measures you can take to protect yourself from identity theft, such as monitoring your credit report, placing alerts on your credit file, or even freezing your credit file.
LawServer is for purposes of information only and is no substitute for legal advice.
© 2013 LawServer, Inc. All rights reserved