Bill > SB2128

This bill amends Mississippi law to require certain entities that conduct business in the state and handle the personal information of residents to notify the Office of the Attorney General of a data breach. Specifically, if an entity is required to notify more than 100 individuals about a breach of security, which is defined as the unauthorized acquisition of unencrypted electronic data containing personal information, they must promptly provide written notice to the Attorney General. This notice must include a summary of the breach, the estimated number of affected individuals in Mississippi, any free services offered to those affected, and contact information for further inquiries. The bill also mandates that if the initial notice to the Attorney General is found to be incomplete or incorrect, the entity must provide updated information as soon as possible. The Attorney General is empowered to create rules and regulations to enforce these new provisions, and failure to comply will be considered an unfair trade practice, enforced by the Attorney General, though it does not create a right for individuals to sue.

Business and Industry

https://billstatus.ls.state.ms.us/2026/pdf/history/SB/SB2128.xml