LANSING – With Yahoo having up to 1 billion users’ emails compromised, employee data breached from the Federal Government multiple times, and other personal information data breaches, Michigan employers need to take greater action than ever before to protect their data. If your Michigan organization experiences a breach, the Michigan Identity Theft Protection Act of 2004 (Act 452 of 2004) covers the requirements for organizations. Since HR departments handle and store sensitive personal data, they need to have good knowledge of this law.

This law covers any person or legal entity that owns or licenses personal information that is included in a database. Third party licensees must notify the owner or licensor of the information of a security breach unless it’s determined that the breach has not or is not likely to cause substantial loss or injury to, or result in identity theft with respect to one or more Michigan residents.

To read the rest of this column, click on https://www.sbam.org/Resources/tabid/97/ArtMID/2980/ArticleID/2667/Michigan-requirements-for-data-breaches.aspx