Several important changes have been made to Tennessee’s breach notification statue after Gov. Bill Haslam signed S.B. 2005 into law, The National Law Review reports. With the amendment, Tennessee is removing the provision stating notice will only be given if unencrypted personal information has been breached. Tennessee will be the first state in the nation requiring notification of any breach, regardless of whether the information is encrypted or not. Other changes include a mandatory notification to any resident affected by a data breach within 45 days, and specification for an “unauthorized person” to include an employee of the information holder who received personal information and deliberately used it for an illegal purpose.
If you want to comment on this post, you need to login.