New Oregon data security law takes effect January 1

December 16, 2015 0 COMMENTS

by Joanna Perini-Abbott

Oregon’s expanded data breach law will take effect January 1, making two significant changes to the old law—a notification requirement and a change in the definition of “personal information.”  Lock that Data Down

Like the old law, the new law requires businesses that maintain personal information digitally, including information about employees, to notify Oregon residents whose electronically stored information has been compromised as soon as the breach is discovered.

read more…

Delaware businesses get new recordkeeping obligations

December 11, 2014 0 COMMENTS

by Molly DiBianca and Lauren Russell

Delaware’s new law related to the safe destruction of documents containing personal identifying information will take effect on January 1.

The law requires commercial entities to take all reasonable steps to destroy a consumer’s personal identifying information within the business’s custody and control when the information is no longer to be retained. Destruction includes shredding, erasing, or otherwise destroying or modifying the personal identifying information to make it entirely unreadable or indecipherable through any means.

read more…