Mississippi ratifies data protection law

20 April 2010

Mississippi became the most recent state to pass a data breach measure last week, leaving just four states without similar protections. However, the law does not permit citizens of the Magnolia State to sue for damages that result from a data breach.

A data breach security and notification measure was signed into law by Mississippi Gov. Haley Barbour last week, which means just four US states – Alabama, Kentucky, New Mexico, and South Dakota – do not afford their citizens similar safeguards and notification procedures when personal data is compromised.

House Bill No. 583 was signed by Gov. Barbour in early April; the statute requires all persons or organizations conducting business in Mississippi to notify affected citizens if their personal or banking data is accessed by unauthorized individuals. Responsible parties that store this data will be required to conduct an investigation of the event and notify the people concerned only if the data “was, or is reasonably believed to [have] been, acquired by an unauthorized person for fraudulent purposes”, according to the law.

Infosecurity notes that, absent this perceived malicious intent, the bill does not require persons or organizations that sustain a data breach to notify if the compromised party “reasonably determines that the breach will not likely result in harm to the affected individuals”. The law also does not apply to personal data that is freely available to the public from government records.

The Mississippi data protection statute – which goes into effect on July 1, 2011 – contains provisions to delay the notification of data breach victims, apparently even if their personal information has the potential to be misused. Law enforcement reserves the right to delay notification for an unspecified “reasonable period” if authorities determine that disclosure of the data breach would impact a pending criminal investigation or national security.

The bill also contains a curious little caveat at its close, one that bars private citizens in Mississippi from judicial recourse – presumably via civil courts – if their data is compromised as the result of a breach, a fact that was confirmed for Infosecurity by a deputy spokesperson in Gov. Barbour’s office. The law specifies that only the state’s attorney general will be able to bring about an “unfair trade practice” suit if organizations and individuals do not comply with the provisions of the data breach bill.
