Colorado Amends Data Breach Notification Law

Medicare & Long-Term Care Financial Planning
October 19, 2018
Property Insurance Coverage Your Business Needs
November 21, 2018
Show all

Colorado Amends Data Breach Notification Law

Colorado Amends Data Breach Notification Law

Colorado has a new data breach law that went into effect September 1, 2018. The new bill amends three areas of the States Data Breach law.

  1. Amends the notification procedures to 30 days and expands the definition of personal information
  2. Established data breach requirement for business and their service providers
  3. Amends State law regarding disposal of personal information.

Some Highlights Of The New Law Include

  • Business must have a written policy relating to destruction of personal information.
  • If an entity discloses personal information to a third party that entity must require the service provider to maintain reasonable security measures.
  • A notice must be given to the States Attorney General office within 30 days of the known breach.
  • Business must have reasonable security procedure in place to protect personal information.
  • The bill re-defines personal information to include; social security numbers, passwords, driver’s licenses or identification card numbers, passport, student identification numbers, medical information, military information, or any financial transaction information.

Here is a link to more information.

Leave a Reply

Your email address will not be published. Required fields are marked *