Security-breach notification laws

Wednesday, 12 December 2007, 11:08 PM EST

At least 36 states have enacted legislation requiring organizations that possess sensitive personal information to warn individuals of security breaches. California led the way in the creation of these laws, driven by concerns about identity theft and lax information security. In following California's lead, other states have expanded upon the requirements of the California statute by, for example, requiring that organizations report breaches to a state regulatory agency.

Much still needs to be learned about information security practices, security breaches, and the link between these breaches and fraud. However, the proliferation of state laws has driven many businesses to call for federal security breach legislation that overrides state law. Data holders have begun to question whether consumers pay attention to security breaches, and whether most security breaches result in identity theft.

At berkeley.edu (PDF)

[ Read more ]




Spotlight

101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Feb 10th
    COPYRIGHT 1998-2016 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //