SB238 Alabama 2016 Session
Crossed Over
Bill Summary
Sponsors
Session
Regular Session 2016
Title
Consumers and consumer protection, protection of data containing personal information, notification of breach of to Attorney General and consumers required, disposal of records, civil penalty
Description
<p class="bill_description"> Existing law does not require a person that
owns, licenses, or maintains data containing
personal information of an Alabama resident to
notify the resident if the personal information is
breached by an unauthorized person</p><p class="bill_description">
This bill would create the Alabama
Information Protection Act of 2016 to provide for
the protection of sensitive personally identifying
information and notice to individuals whose
personal information has been breached</p><p class="bill_description">
This bill would require specified entities,
including governmental entities and third-party
agents, to notify the Attorney General and the
individual owners of personal information upon a
data security breach</p><p class="bill_description">
This bill would require these entities to
provide notice to credit reporting agencies of
security breaches of personal information involving
more than 1,000 individuals</p><p class="bill_description">
This bill would require the Attorney General
to annually report certain information relating to
security breaches to the Governor and the
Legislature</p><p class="bill_description">
This bill would provide for the disposal of
records containing sensitive personally identifying
personal information, would authorize enforcement
actions by the Attorney General, and would provide
for the assessment of civil penalties for failure
to provide the required notification</p><p class="bill_entitled_an_act"> Relating to consumer protection; to require
specified entities to take generally acceptable industry
practices and measures to protect and secure data containing
sensitive personally identifying information in paper or
electronic form; to require the entities to notify the
Attorney General of data security breaches; to require notice
to individuals and credit reporting agencies of data security
breaches in certain circumstances; to provide for the disposal
of customer records; to provide for enforcement actions by the
Attorney General; to provide civil penalties; to provide that
this act does not create a private cause of action; and to
provide certain exemptions.
</p>
Subjects
Consumers and Consumer Protection
Bill Actions
| Action Date | Chamber | Action |
|---|---|---|
| April 27, 2016 | H | Read for the first time and referred to the House of Representatives committee on Military and Veterans Affairs |
| April 27, 2016 | S | Engrossed |
| April 27, 2016 | S | Motion to Read a Third Time and Pass adopted Roll Call 844 |
| April 27, 2016 | S | Orr motion to Adopt adopted Roll Call 843 |
| April 27, 2016 | S | Orr first Substitute Offered |
| April 27, 2016 | S | Third Reading Passed |
| March 1, 2016 | S | Read for the second time and placed on the calendar |
| February 16, 2016 | S | Read for the first time and referred to the Senate committee on Fiscal Responsibility and Economic Development |
Bill Calendar
| Type | Date | Location | Description |
|---|---|---|---|
| Hearing | February 24, 2016 | Room 727** Revised-Bill Removed** at 15:00 | Senate FR&ED Hearing |
| Hearing | February 24, 2016 | Room 727 ** Revised Public Hearing Added ** at 15:00 | Senate FR&ED Hearing |
| Hearing | February 24, 2016 | Room 727 at 15:00 | Senate FR&ED Hearing |
Bill Text
Bill Votes
Bill Documents
| Type | Link |
|---|---|
| Bill Text | SB238 Alabama 2016 Session - Introduced |