2019 House Bill 4187 ↩
Senate Roll Call 541:
Passed
To establish detailed rules for personal information data breaches that create a substantial risk of identity theft or fraud, including notice requirements, reporting requirements, guidelines and more for businesses, associations and state agencies. Among other things the bill would distinguish between breaches that permit an outsider to gain access to an online account, versus breaches that expose sensitive personally identifying information. The bill authorizes $5,000-per-day civil penalties for noncompliance, up to a maximum of $750,000.