Mississippi became the 46th state to enact a data breach notification law last month. Just four states – Alabama, Kentucky, New Mexico and South Dakota – have yet to pass legislation requiring a business to notify consumers if their personal information has been illegally obtained. Mississippi’s law tracks that of most states, defining personal information as a consumer’s name in combination with a driver’s license number, Social Security number or financial account number.
The law applies to any business in the state that owns or licenses such personal information, but also provides a safe harbor for companies that encrypt their information. The state’s Attorney General will enforce the law, which prohibits private lawsuits based on a data breach. The Attorney General may seek injunctive relief, and for knowing or willful violations, criminal penalties (including fines and imprisonment) or civil penalties of up to $10,000 per violation. The law becomes effective July 1, 2011.
In the wake of several large data breaches in 2005, states began passing data breach notification laws. Some states – like Massachusetts, Nevada and Washington – have taken their data breach laws a step further by adding stricter data security requirements. Instead of reacting to a data breach, the new laws are an attempt to require companies to take proactive measures to prevent or limit data breaches.
Source: Lawyers USA
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.