Home > Data Loss, PHI, PII, Privacy Laws > Missouri’s new Data Protection Disclosure Law.

Missouri’s new Data Protection Disclosure Law.

Although maybe unnoticed, a month ago Missouri finally joined that heady club called “States which have Data Privacy Laws”.

On 28th August, the “Missouri Data Breach Notification Law”, or House Bill 62 took effect, not protecting, but at least enforcing care and attention of residents personal information (Social Security Numbers, Driver’s Licence Numbers, and information which could be used to access a residents financial accounts). Note I use the word “resident”, because, as with the other 47 or so State laws, this one applies to the Residents of Missouri, not to the businesses. If you have Missouri resident information in your datacenter in Tinbuktoo, you are still required (under civil and actual damages) to comply.

The full text of the law can be found on the excellent HuschBlackwell site, but the interesting points are:

  • This law applies to Personal Health Information (PHI) as well as Personally Identifiable Information (PII)
  • The law applies to both “customer” data, as well as “employee” data – it basically applies to every resident of Missouri.
  • If you loose more than 1000 individual records, you need to tell the Attorney General. Non compliance means civil damages.
  • If you determine that the exposure of data is “unlikely” due to protective measures (or you believe the device was destroyed etc), you can elect not to disclose, but you MUST fully document the investigation and keep records for 5 years.

As with all these laws, if you hold Missouri resident data, you should approach your legal team and assess any additional risk (and mitigating measures) that you might now be subject to.

To keep you in the loop, the list States without, or with very weak data disclosure laws is now Alabama, Kentucky, Mississippi, New Mexico, and South Dakota.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: