States Propose New Data Breach Legislation

January 23, 2018, Written By Lynn Oldshue
States Propose New Data Breach Legislation

While U.S. senators are pushing for tougher federal data breach laws, two states have proposed legislation of their own.

If North Carolina passes their Act to Strengthen Identity Theft Protections law, they could become one of the strictest jurisdictions for data security in the United States, according to the National Law Review. Regulations in the bill include:

  • Ransomware attacks, such as the one that affected 57 million Uber users last year, would fall under this legislation. North Carolina would be the first state to explicitly include ransomware in their data security regulations.
  • After an incident is discovered, companies would have only 15 days to notify consumers.
  • If a credit reporting agency, such as Equifax, is breached, they will have to provide five years of free credit monitoring to affected North Carolinians. The current standard is a year of free credit monitoring, though many companies are not even making that offer.

South Dakota has also proposed stricter data breach legislation. The State’s Senate Judiciary Committee voted unanimously to advance Attorney General Marty Jackley’s bill, which would require companies to notify South Dakota residents within 60 days of discovery of a breach.

Companies would need to contact the attorney general directly if the beach affected more than 250 residents. Companies that comply with the rules of their primary regulator would be exempted from this requirement, as long as they followed the proper federal procedure.

If you do not live in one of these states, will the new regulations help you? Perhaps not immediately, but if stricter laws are successfully passed in North Carolina and South Dakota, other states may follow suit.

The information contained within this article was accurate as of January 23, 2018. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.

About Lynn Oldshue

Lynn Oldshue has written personal finance stories for for twelve years. She majored in public relations at Mississippi State University.
View all posts by Lynn Oldshue