National Association of Attorneys General: State data breach laws have more teeth than federal

  • Small
  • Medium
  • Large

In a July 7 letter to Congress, the National Association of Attorneys General argued that states should have the ability to enact and enforce state data breach notification, because many current state-level breach laws include more protections than federal legislation.

"In recent years, a number of states have reexamined and updated their data breach notification laws to ensure they continue to protect the sensitive information about consumers being collected," NAGS representatives wrote in the letter. "Some states now include notification requirements for compromised biometric data, login credentials for online accounts, and medical information. These categories reflect the significant increase in data collection that has occurred over the past ten years and respond to consumers’ concerns about that increase."

The NAGS wrote that states are better equipped than the federal government to adjust quickly to challenges presented by a data-driven economy. Tasking a federal agency with receiving notification for every breach that occurs in the country may work for a breach that affects consumers nationwide, but is impractical for data breaches impacting only one state or region, they wrote.

More articles on data breaches:

Orlando Health reports data breach due to illegal employee access affects 3,200 patients
Conn. Gov. signs data breach security bill into law: 6 things to know
9 latest data breaches 

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars