Comments for Neff Law Firm http://nefflaw.com a professional law firm Sun, 06 May 2012 02:09:19 +0000 hourly 1 http://wordpress.org/?v=3.3.2 Comment on Data Breach Notification: “Uh oh! The personal data in our database has been hacked” by NJSLA Jobs: Information Specialist – Mergers & Acquisitions, New York http://nefflaw.com/2012/03/19/data-breach-notification-uh-oh-the-personal-data-in-our-database-has-been-hacked/comment-page-1/#comment-11 NJSLA Jobs: Information Specialist – Mergers & Acquisitions, New York Sun, 06 May 2012 02:09:19 +0000 http://nefflaw.com/?p=512#comment-11 [...] First, I reviewed California’s very recent law governing security breach notification, which just took effect in January, and requires that any business or entity conducting business in California notify California residents whose unencrypted “personal information” was or is believed to have been acquired by an unauthorized person through a security breach. California led the nation with its original data breach law, but our legislators thought it needed updating. The new law, which amends California Civil Code Sections 1798.29 and 1798.82, sets out when a notice to a business’ victims must be sent, what form the notice must take (physical notice or email) and what the notice must contain. The incident must be described, the timing of the incident disclosed, and contact information given for the business/entity. The type of personal information hacked must be disclosed, and if the breach exposed a social security number or driver’s license number, toll free numbers of the major credit-reporting agencies must be provided. If the breach affects 500 or more California residents, the state attorney general must be notified (with an exception for certain health information/HIPPA-compliant companies).Source: nefflaw.com [...] [...] First, I reviewed California’s very recent law governing security breach notification, which just took effect in January, and requires that any business or entity conducting business in California notify California residents whose unencrypted “personal information” was or is believed to have been acquired by an unauthorized person through a security breach. California led the nation with its original data breach law, but our legislators thought it needed updating. The new law, which amends California Civil Code Sections 1798.29 and 1798.82, sets out when a notice to a business’ victims must be sent, what form the notice must take (physical notice or email) and what the notice must contain. The incident must be described, the timing of the incident disclosed, and contact information given for the business/entity. The type of personal information hacked must be disclosed, and if the breach exposed a social security number or driver’s license number, toll free numbers of the major credit-reporting agencies must be provided. If the breach affects 500 or more California residents, the state attorney general must be notified (with an exception for certain health information/HIPPA-compliant companies).Source: nefflaw.com [...]

]]>