Illinois to Require Attorney General Notification under New Breach Amendment

Illinois is set to become the 29th state that will require data breaches affecting more than 500 residents to be reported to the state’s attorney general.

The proposed amendment to the state’s Personal Information Protection Act – which currently only requires notice to the affected residents – provides that, when more than 500 Illinois residents are affected by a “single breach of the security system,” notice must also be given to the Illinois Attorney General “in the most expedient time possible and without unreasonable delay but in no event later” than when the residents are notified of the incident. Notices to the AG’s office must include a description of the “breach of security or unauthorized acquisition or use;” the number of Illinois residents affected; and “[a]ny steps … taken or plans to take relating to the incident.”


Share This Post:

Search Billing News

Billing News By TAG

Billing News By DATE