A new California law establishes standards for the information included in data breach notifications, according to a news release by Sen. Joe Simitian (D-Palo Alto).
The law, introduced by Sen. Simitian and signed by Gov. Jerry Brown, covers data breaches of financial, healthcare or other personal information and takes effect Jan. 1, 2012.
Organizations will be required to report a general description of the incident, the type of information breached and the time of the breach. In some cases, organizations will also need to provide consumers with toll-free phone numbers and addresses of the major credit reporting agencies in California.
The new law updates previous legislation that required organizations to notify individuals after a breach of personal information but did not specify what information the notification needed to include.
Data Breach at Kentucky's Lexington VA Medical Center Involves 1,900 Veterans' Personal Information
Southern California Medical-Legal Consultants Exposes 300,000 Medical Records
The law, introduced by Sen. Simitian and signed by Gov. Jerry Brown, covers data breaches of financial, healthcare or other personal information and takes effect Jan. 1, 2012.
Organizations will be required to report a general description of the incident, the type of information breached and the time of the breach. In some cases, organizations will also need to provide consumers with toll-free phone numbers and addresses of the major credit reporting agencies in California.
The new law updates previous legislation that required organizations to notify individuals after a breach of personal information but did not specify what information the notification needed to include.
Related Articles on Data Breaches:
Survey: Insiders Responsible for Most Breaches of Protected Health InformationData Breach at Kentucky's Lexington VA Medical Center Involves 1,900 Veterans' Personal Information
Southern California Medical-Legal Consultants Exposes 300,000 Medical Records