California Amendment Mandates A.G. Notification For Major Data Breaches

A reminder that California’s new breach notification law goes into effect on January 1.  From Loeb & Loeb:

Under the revised law, when the security of consumer personal information is breached, the business that possessed the information must include in its notice to consumers:

  • A list of the types of personal information that were the subject of the breach;
  • The date of the breach;
  • A general description of the breach; and
  • Toll-free telephone numbers and addresses of the major credit reporting agencies.

If more than 500 California residents are affected as a result of a single breach, the business also must deliver a sample copy of the notice to the Office of the Attorney General.

Read more of their client alert.

I’m very excited by this law as now we’ll also be able to get more breach notifications under FOI. Until now, California really didn’t have any mandated central repository of breach notifications.

About the author: Dissent