We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

North Carolina and Montana Data Breach Statutes Amendments Now in Effect

30 September 2009

Recently-enacted amendments to the Montana and North Carolina data breach notifications go into effect today, October 1, 2009.

  • North CarolinaThe amendment to North Carolina’s statute increases the state’s notification requirements for smaller breaches. Under the amended law, businesses and public agencies are required to notify the state attorney general every time a resident is notified. Prior to the amendment, notification to the state attorney general was only necessary if the breach affected more than 1,000 state residents. In addition, the amendment expands the contents of any notice to residents. 
  •  Montana.   The amendment to Montana’s data breach statute expands the state’s private sector data breach notification statute to cover public-sector entities. State agencies that maintain computerized data containing personal information in a data system must make “reasonable efforts” to notify any person whose unencrypted personal information was or is reasonably believed to have been acquired by an unauthorized person. In addition, the modified law requires state agencies to develop procedures to protect social security numbers.   

The amendments to the Montana and North Carolina laws exemplify the growing number of states strengthening their data breach notification laws.   It is likely that additional states will join the trend, so compliance will require monitoring amendments.

Cybersecurity in the Health Sector

The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...

02 May 2016
Loading data