CONTRIBUTOR

ARTICLE

United States: California And Illinois Data Breach Notification Amendments Take Effect

21 March 2017

by Daniel J. McLoon , Mauricio Paez , Richard Johnson , Jonathon Little , Kevin Lyles , Todd McClelland , Jeff Rabkin , Adam Salter , Michiru Takahashi , Undine Von Diemar , Olivier Haas , Jörg Hladjk and Anand Varadarajan

Jones Day

Your LinkedIn Connections
with the authors

To print this article, all you need is to be registered or login on Mondaq.com.

On January 1, 2017, amendments to the data breach notification laws in California and Illinois went into effect. California's amendment requires notification of a security breach when: (i) there is unauthorized acquisition of both encrypted personal information and the encryption key or security credential; and (ii) the business has a reasonable belief that the encryption key or security credential could render such personal information readable or useable. The Illinois amendment expands the definition of "personal information" to include medical and health insurance information, unique biometric information, and a username or email address in combination with a password or security question and answer to access an account. It also clarifies the encryption safe harbor provision, amends the notice requirements, creates requirements to maintain reasonable safeguards to protect information for Illinois residents, and exempts from certain compliance requirements entities that comply with certain federal statutes.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Daniel J. McLoon

Jones Day

Mauricio F. Paez

Jones Day

Richard J. Johnson

Jones Day

Jonathon Little

Jones Day

Kevin D. Lyles

Jones Day

Todd S. McClelland

Jones Day

Jeff Rabkin

Jones Day

Adam Salter

Jones Day

Michiru Takahashi

Jones Day

Undine Von Diemar

Jones Day

Olivier Haas

Jones Day

Jörg Hladjk

Jones Day

Anand Varadarajan

Jones Day

ARTICLE TAGS

United States Privacy Data Protection

POPULAR ARTICLES ON: Privacy from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States Privacy Data Protection

Related Articles

New Jersey Adopts A Comprehensive Data Privacy Law Mintz

Illinois BIPA Legislative Update Regarding Damages Seyfarth Shaw LLP

CISA Publishes Proposed Rule For Cyber Reporting Bass, Berry & Sims

Minutes On The Matter With Daniel Cotter: History Of The Biometric Information Privacy Act (Video) Dickinson Wright PLLC

New Federal Privacy Bill Gains Momentum Klein Moynihan Turco LLP

Mondaq Webinars

APR24

Mastering Mediation & Arbitration: Strategies for Navigating the Rising Tide of Privacy Class Action Lawsuits

APR25

Canadian Employment Law: Updates and Emerging Trends in Employment

McCarthy Tétrault LLP

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Can, And Should, The U.S. Government Develop A CBDC System?
Braumiller Law Group, PLLC

Upcoming Events

APR24

Legal Perspective: Data Privacy Considerations Within Medical Information Operations

Speaking Engagement Boston United States

OCT23

ICSC+U.S. Law Conference 2024

Davis+Gilbert LLP

Conference Orlando United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|