SB238 Alabama 2016 Session

Summary

Primary Sponsor

Arthur Orr Senator

Republican

Session

Regular Session 2016

Title

Consumers and consumer protection, protection of data containing personal information, notification of breach of to Attorney General and consumers required, disposal of records, civil penalty

Description

Existing law does not require a person that owns, licenses, or maintains data containing personal information of an Alabama resident to notify the resident if the personal information is breached by an unauthorized person.

This bill would create the Alabama Information Protection Act of 2016 to provide for the protection of sensitive personally identifying information and notice to individuals whose personal information has been breached.

This bill would require specified entities, including governmental entities and third-party agents, to notify the Attorney General and the individual owners of personal information upon a data security breach.

This bill would require these entities to provide notice to credit reporting agencies of security breaches of personal information involving more than 1,000 individuals.

This bill would require the Attorney General to annually report certain information relating to security breaches to the Governor and the Legislature.

This bill would provide for the disposal of records containing sensitive personally identifying personal information, would authorize enforcement actions by the Attorney General, and would provide for the assessment of civil penalties for failure to provide the required notification.

Show more Show less

Subjects

Consumers and Consumer Protection