California’s Senate has passed an amendment to its breach notification law that would expand the notification requirement to incidents involving personal information that would allow access to online accounts, reports Hunton & Williams’ Privacy and Information Security Law Blog. SB 46 redefines personal information to include “a user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account.” The bill also allows organizations to deliver notifications in electronic form but prohibits them from using an e-mail address that may have been compromised due to the breach. The future of SB 46 hinges on the passing of Assembly Bill 1149 as well; both must be passed and enacted prior to the start of 2014 in order to become law.
Full Story


If you want to comment on this post, you need to login.