Bills Require Consumer Notification 45 Days After Data Breached

Bills Require Consumer Notification 45 Days After Data Breached

LANSING – Banks, businesses, government agencies and nonprofits that suffer a data security breach would have 45 days to inform all of their impacted customers, under a pair of bills reported out of the House Financial Services Committee Wednesday.

HB 6405 and HB 6406, sponsored by Committee Chair Diana Farrington (R-Utica) and Rep. Joseph Graves (R-Linden), would assess $2,000 fines for each violation or $5,000 for each day a “covered entity” fails to take action to comply with the notice requirements. The maximum fine would be $250,000 for the same security breach.

The 45-day time period was the main point of contention. A General Motors representative did not speak, but submitted a card urging the time period be extended to 90 days.

This story was published by Small Business Association of Michigan.

 

 

By |2018-12-06T20:17:13+00:00December 6th, 2018|Cyber Defense, Small Business Association of Michigan|

About the Author:

Leave A Comment