Bill

Bill > S1352


NJ S1352

Revises requirements for disclosure of a breach of security of certain computerized records containing personal information.


summary

Introduced
02/03/2022
In Committee
02/03/2022
Crossed Over
Passed
Dead
01/08/2024

Introduced Session

2022-2023 Regular Session

Bill Summary

Revises requirements for disclosure of a breach of security of certain computerized records containing personal information.

AI Summary

This bill revises the requirements for disclosure of a breach of security of certain computerized records containing personal information. The key provisions are: 1. Businesses or public entities that maintain computerized records with personal information must disclose a breach to affected customers within 5 business days, unless law enforcement requires a delay or additional time is needed to determine the scope of the breach. 2. Businesses or public entities must report the breach to the State Police before notifying customers. 3. Notification can be provided through written, electronic, or substitute notice (e.g., website posting, media notification) if the cost or number of affected individuals exceeds certain thresholds. 4. For breaches involving only a user name or password, the business or public entity can provide notification directing the customer to change the login credentials. 5. Businesses that provide email accounts cannot notify the affected email account of the breach, and must use another method of notification.

Committee Categories

Business and Industry

Sponsors (1)

Last Action

Senate Commerce Hearing (13:00:00 2/16/2023 Committee Room 6, 1st Floor, State House Annex, Trenton, NJ) (on 02/16/2023)

bill text


bill summary

Loading...

bill summary

Loading...
Loading...