X
    X
    X
    X

    North Dakota Broadens Reach for Breach Notification

    Locke Lord Publications

    North Dakota recently enacted an amendment that will again tighten its existing breach notification law. The current law, North Dakota Century Code Section 51-30 et. seq., has evolved over time, having been previously amended in 2013 to add health information to the definition of “personal information” that could trigger a notification if breached. This new amendment may be a result of recent large data breaches and a concern that existing law did not require notification of the Attorney General or notification to residents if a company was not “conducting business” in North Dakota.

    The amendment broadens the reach of the existing breach notification law by requiring a company to notify affected North Dakota residents regardless of whether the company operates in North Dakota. And for large breaches that impact more than 250 individuals, the Attorney General must now be notified by mail or e-mail. The definition of “personal information” has been updated again – this time to add an employer’s identification number assigned to an individual in combination with any required security code, access code, or password. The amendment will take effect on August 1, 2015.

    Explore Additional Topics

    Disclaimer

    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.