The Delaware House voted pass a bill that would strengthen the state's existing data breach notification law, which has not been updated since 2005, reports Bloomberg BNA.
If passed by the Senate, the law would update existing legislation to require businesses in Delaware to safeguard personal information, including: medical information; biometric data; usernames and passwords; passport numbers; account routing numbers; and taxpayer identification numbers.
Under the bill, companies would also be required to provide customers with a year of identity theft protection services if their Social Security numbers are compromised in a security breach. The law would require companies notify affected consumers of a data breach within 60 days and notify the state attorney general of data breaches that affect more than 500 state residents.
The bill, an amended substitute from House Bill 180, reflects input from various stakeholders including the state's Department of Justice and Department of Technology and Information, the governor's office and small business groups, according to Bloomberg BNA.
Click here for the full bill text.
More articles on health IT:
Canadian hospital to build command center with GE Healthcare
Indiana Medicaid patient information exposed via internet hyperlink
UA medical school stages hack to raise physician cybersecurity awareness