Melissa serves as a member of the Bloomberg BNA Privacy & Security Law Report Advisory Board and the International Association of Privacy Professionals Exam Development Board.

Board Oversight of Cyberrisks: Directors and Officers Litigation

The duty of a board to monitor and oversee organizational risk includes cyberrisks. As cyberrisks and incidents proliferate, boards are seeking to enhance the information they receive about cyberrisks and incidents. One development boards should be aware of is the decision in the Palkon v. Holmes directors and officers (D&O) litigation (2014 U.S. Dist. LEXIS 148799 (D.N.J. Oct. 20, 2014)).

California Privacy Laws Change: Identity Theft and Mitigation Services

Continuing the trend of changes in state breach notification and related laws, Cal. A.B. 1710 amends California’s breach notification, security procedures, and Social Security number (SSN) laws in the wake of significant data breaches, particularly in the retail sector. (See “Changes in State Breach Notification Laws.”)

Changes in State Breach Notification Laws

As data breaches continue to occur, breach notification laws are being amended or enacted. In the United States, state and federal breach notification laws should be monitored carefully regarding changes, as should breach notification laws in other countries (e.g., Canada).

As of July 15, 2014, 47 states (other than Alabama, New Mexico, and South Dakota) plus the District of Columbia, Guam, Puerto Rico, and Virgin Islands have breach notification laws. This article addresses changes in state breach notification laws.