• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Consumer Finance ABstract

  • Home
  • Services
  • Contacts

Washington State Expands Data Breach Notification Law

May 23, 2019 By Morey Barnes Yost

Effective March 1, 2020, Washington State House Bill 1071 amends the state’s data breach notification law, expanding the categories of consumer information the unauthorized access of which would trigger notification requirements.  Under current law, any person or business conducts business in Washington State and that owns or licenses data that includes personal information to provide notice to potentially affected consumers and to the state Attorney General no more than 45 calendar days after a data breach that may have resulted in authorized access of consumers’ personal information; as amended, the law will reduce the timeline for notification to 30 days.

In addition to making non-substantive changes (e.g., recodifying definition and exemption provisions), the measure also:

  • Adds notification procedures for a data breach involving a consumer’s username or password (which vary according to whether the breach involves login credentials for an email account furnished by the person or business providing the notification);
  • Requires the notification to affected consumers to include “[a] time frame of exposure, if known, including the date of the breach and the date of the discovery of the breach”; and
  • If a breach affected more than 500 Washington consumers, requires the notification to the Attorney General to provide: (i) a list of the types of personal information that were, or are reasonably believed to have ben, the subject of a breach; (ii) “[a] time frame of exposure, if known, including the date of the breach and the date of the discovery of the breach”; (iii) a summary of steps taken to contain the breach; and (iv) a sample copy of a notification (which must exclude any personally identifiable information).

Filed Under: Privacy and Cybersecurity Tagged With: data breach, Washington State

Morey Barnes Yost

About Morey Barnes Yost

Morey Barnes Yost is a member of Alston & Bird’s Financial Services & Products Group and the Consumer Financial Services Team. She advises clients on a broad range of federal and state regulatory compliance matters relating to consumer financial services, including the Dodd–Frank Wall Street Reform and Consumer Protection Act, the Truth in Lending Act and state mortgage lending, servicing, appraisal and appraisal management company (AMC) statutes.

[Read Bio]

Primary Sidebar

RECEIVE EMAIL NOTIFICATIONS WHEN NEW POSTS ARE ADDED.

A confirmation email has been sent to the email address provided.


Tags

#California #CCPA #CFPB #COVID=19 #debtcollection #evaluations #eviction #moratorium #FCRA #FDCPA #GSEs #Massachusetts #NYDFS #Part419 #Privacy #QMPatch #QualifiedMortgage #SupervisoryHighlights #validwhenmade Ability to Repay abusive ATR/QM CARES Act Case law Covid-19 Credit Reporting CSBS Cybersecurity data breach Debt Collection Delaware DOJ Eleventh Circuit FACTA Forbearance Foreclosure HUD Mortgage Servicing passive investors QM QM Patch Regulation F SCRA Servicing student loan servicing UDAAP

Secondary Sidebar

Categories

Recent Posts

  • CFPB, NCUA Sign MOU Regarding Cooperation
  • Federal Court Dismisses Lawsuit Challenging Minnesota Eviction Moratorium
  • CFPB Issues “Seasoned Qualified Mortgage” Rule
  • DOJ Trustee Program Settles with Servicers
  • CFPB Retires the “QM Patch” and Revises QM Rules
Copyright © 2021 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy