[Dataloss] Federal Security Breach legislation
Halbert Thomas
halbertt at gmail.com
Wed Feb 22 16:49:53 EST 2006
Ohio recently passed a bill that requires that subjects be notified of data
loss whenever it poses risk of identity theft. It is HB 104 in the 126th
Session. Took effect on 2/16. Here is the summary:
*require a state agency, an agency of a political subdivision, or a person,
including a business entity that does business in Ohio, to contact
individuals residing in Ohio if unencrypted or unredacted personal
information about those individuals that is included in computerized data
owned or licensed by the agency, person, or business entity is accessed and
acquired by unauthorized persons and causes or reasonably is believed will
create a material risk of the commission of the offense of identity fraud or
other fraud to the individual, and to authorize the Attorney General to
investigate and enforce compliance with the requirements.
*It can be viewed here:
http://www.legislature.state.oh.us/bills.cfm?ID=126_HB_0104
Halbert
On 2/22/06, Saundra Kae Rubel <privacylaws at sbcglobal.net> wrote:
>
>
> I haven't heard boo from Congress about a federal
>
> notification law (though there are several state ones) so I don't know
>
> what the status is there, ….
>
>
--
Halbert Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060222/9df64d01/attachment.html
More information about the Dataloss
mailing list