Data Breach Notification Act effective as of June 1, 2018

Today, Alabama becomes the 50th state in the nation to require data breach notification. Alabama’s Data Breach Notification Act of 2018 requires notification to any affected individual when a business determines breached data could cause substantial harm to the consumer. Breaches of more than 1,000 individuals also must be reported to Alabama’s attorney general and consumer credit-reporting agencies. The new law lays out specific actions breached businesses must make and guidance for reasonable security measures.

Ted Hosp talks to Alabama Retail members about the Data Breach Notification Act of 2018.

In a conference call last month to Alabama Retail Association members, Montgomery attorney Ted Hosp, one of the primary negotiators on the legislation, reviewed steps to take if sensitive information is stolen that is likely to cause harm to the consumer.

Stolen information that could trigger the law includes a person’s first and last name along with such numbers as Social Security, tax identification, driver’s license, financial account or health insurance.

Familiarity with the law matters to retailers, because protecting customer relationships through strong data security is top of mind for all retailers.

More on this law from Alabama Retail

Recorded briefing and synopsis provided by Ted Hosp

Alabama Retail’s summary of the Data Breach Notification Act