Re: Federal Security Breach legislation

["Halbert Thomas" <halbertt () gmail com>]

Ohio recently passed a bill that requires that subjects be notified of data
loss whenever it poses risk of identity theft.  It is HB 104 in the 126th
Session.  Took effect on 2/16.  Here is the summary:
*require a state agency, an agency of a political subdivision, or a person,
including a business entity that does business in Ohio, to contact
individuals residing in Ohio if unencrypted or unredacted personal
information about those individuals that is included in computerized data
owned or licensed by the agency, person, or business entity is accessed and
acquired by unauthorized persons and causes or reasonably is believed will
create a material risk of the commission of the offense of identity fraud or
other fraud to the individual, and to authorize the Attorney General to
investigate and enforce compliance with the requirements.

*It can be viewed here:
http://www.legislature.state.oh.us/bills.cfm?ID=126_HB_0104

Halbert
On 2/22/06, Saundra Kae Rubel <privacylaws () sbcglobal net> wrote:
> I haven't heard boo from Congress about a federal
>
> notification law (though there are several state ones) so I don't know
>
> what the status is there, ….


--
Halbert Thomas


_______________________________________________
Dataloss mailing list
Dataloss () attrition org
https://attrition.org/mailman/listinfo/dataloss