December 12, 2019

December 9, 2019

Please reload

Recent Posts

Is it time to renew your DMCA agent?

November 14, 2019

1/2
Please reload

Featured Posts

Tennessee requires notification even if encrypted

April 10, 2016

   Earlier this year, Tennessee revised its data breach law, Tennessee Code 41-18-2107.  Under the old law, an entity need only disclose a data breach where the unencrypted "personal information" of a Tennessee resident was or is reasonably believed to have been acquired by an unauthorized person. Tennessee Code 41-18-2107(b).  The revised law removes the encryption safe harbor.  Now, an entity must disclose any data breach where the "personal information" of a Tennessee resident was or is reasonably believed to have been acquired by an unauthorized person -- regardless of encryption status.  TN S.B. 2005.

   Thus, an entity must be mindful that encrypting personal information may not excuse it from complying with state data breach laws.
 

Please reload