Data Privacy Regulations

National Data Breach Legislation: Report Breaches or Go to Jail

December 1, 2017
#legal, #databreach, #news, #breachnotification, #pr

The brazenness of Uber's shirking of data breach notification laws may provide the impetus for new national legislation.

Uber is just the latest in a long line of data breaches that have the public up in arms. The Equifax breach spawned a few pieces of legislation, a few of which are still floating around. And State data breach notification laws are always changing and getting tougher.

This time may be different. A group of Senators led by Bill Nelson, D-Fla have banded together and are pushing the Data Security and Breach Notification Act.

The scope of this new legislation is limited; loss of simple personally identifiable information such as only last name or address or phone would not trigger penalties. But other info like account numbers, social security numbers, and things that would enable identity theft would require notification of customers within 30 days. Failure to comply could mean a five-year prison sentence for organizations caught concealing data breaches.

Reduce your chances of a catastrophic data breach. Download CSR's Guide to PII. It's right out of our Readiness program. 
Get it now: CSR's PII Privacy Practice .

National data breach notification law proposed by Senate Commerce Committee members
Privacy Prime
  • 22 Jan 2018

    Meticulous Equifax Timeline

    Data Breach timeline for Equifax's 2017 Data Breach. One of the most significant data breaches to date.

  • 22 Jan 2018

    2017 Year End Review

    Every year breaches are becoming more prevalent and have a much higher impact then years prior. Take a look at some of the breach reports that it made it on our list.