Provides relative to the Database Security Breach Notification Law. (8/1/14)
Impact
The bill, if enacted, would significantly impact state law concerning how financial institutions and businesses manage and retain consumer data. By imposing strict guidelines on data retention related to access devices, it aims to reduce vulnerabilities associated with data breaches. The provisions for reimbursement by violators of the law, particularly for financial institutions affected by security breaches, intend to hold entities accountable for maintaining adequate protective measures.
Summary
Senate Bill 176, known as the Database Security Breach Notification Bill, is a legislative proposal aimed at strengthening data security measures within the state of Louisiana. The bill outlines specific definitions related to access devices, which include credit and debit cards, and mandates that businesses retain personal information from transactions only for a limited time—specifically, no longer than 45 days after authorization. This measure is intended to enhance consumer protection by limiting the potential for data breaches and unauthorized access to sensitive information.
Sentiment
Overall sentiment surrounding SB 176 appears to be supportive among consumer rights advocates and financial institutions that prioritize the protection of consumer data. Proponents argue that the bill fortifies existing regulations and establishes clearer guidelines for data security practices. However, concerns may arise among businesses regarding the potential for increased compliance costs and the implications of being held financially responsible for breaches.
Contention
One notable point of contention surrounding SB 176 involves the responsibility placed on service providers and businesses regarding data retention and the repercussions of any breaches. Critics may argue that imposing financial liability on institutions might lead to increased operational costs, which could ultimately be passed on to consumers. This situation raises questions about whether the benefits of enhanced consumer protection outweigh the financial impacts on businesses operating in the state.
Further providing for definitions, for notification of the breach of the security of the system, for exceptions and for notice exemption; repealing provisions relating to civil relief; providing for protection of personal information, for civil relief, for information security and for applicability; and repealing provisions relating to applicability.
Provides for notification to the commissioner of insurance of breaches of data security in systems containing certain personal information relating to consumers. (8/1/16)