Skip to Main Content
In the News

Alisa Chestler Comments on Cyber-Breach Notification Laws in Compliance Week

Florida recently put a tough new cyber-breach notification law into effect, replacing its older statute with more stringent demands upon any company that interacts with consumers there. The state is hardly alone. Lacking a comprehensive federal law to guide the notification process, 47 states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands each have their own rules on what companies must do when customer data is stolen or mishandled, many of them unique. In this Compliance Week article, Alisa Chestler comments on the patchwork of state laws. 

Meeting all the various state requirements makes compliance "almost like playing whack-a-mole," says Ms. Chestler. "If you compare it to the European Union, where the law is comprehensive and overarching, at least you have a one-stop shop," she says. "While legislators are going to argue that what they have put in place is good security practice, it still presents all companies with a burden on making sure they understand it, know it, and comply with it."

Read the Article (subscription required)

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept