Alabama’s new breach law

Greg Price recently submitted an article to the Troy Messenger, Alabama’s new breach law:

Starting June 1, 2018, private and public entities must establish reasonable data security measures and notify those affected negatively when personal data has been compromised. Despite Alabama being last to the data breach notification parade, our law has been described among the most stringent in the nation. From my personal experiences, I agree, Alabama’s law takes into consideration third-party service providers which many states neglect. Alabama’s inclusion of “third-party agents,” that is to say, entities contracted to maintain, store, process, or otherwise permitted to access sensitive personally identifying information in connection with providing services to a covered entity, is outstanding for Alabama’s citizens – there is no hiding, passing of the proverbial buck: if you collect electronic information from your customers, you are responsible for it.

Read Full Article

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s