This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy



Data Protection Leader
Back to Contents

Volume: 15 Issue: 4
(April 2018)

Keywords:
data breach breach notification data security

Jurisdictions:
south dakota

South Dakota: Governor signs breach notification legislation

The South Dakota Governor, Dennis Daugaard, signed, on 21 March 2018, the draft Act to Provide for the Notification Related to a Breach of Certain Data and to Provide a Penalty Therefor (SB 62) into law (‘the Act’). The Act requires South Dakota residents to be notified of a data breach that compromises personal or protected information and results in harm within 60 days of its discovery. Furthermore, the Attorney General (‘AG’) must be notified when more than 250 residents are affected.

Jerry Ferguson, Partner at Baker & Hostetler LLP, noted, “It is not surprising that South Dakota became the 49th state to adopt a breach notification law […] Although the Act follows the structure of prior enacted statutes, there are some important variations […] As with many prior statutes, the Act requires a determination that a breach will likely result in harm to affected residents in order to trigger notification obligations. However, unlike most state breach notification laws, if a company determines that notification obligations are not triggered because a breach will not likely result in harm, the company will still need to provide notice of the incident to the AG, and the determination not to provide notice of the breach will need to be documented in writing, and maintained for at least three years.”

Following South Dakota’s enactment of the Act, the Alabama AG, Steve Marshall, announced, on 28 March 2018, that the Governor, Kay Ivey, had signed the Alabama Data Breach Notification Act of 2018, becoming the final state to pass a data breach notification law.

 

Search Publication Archives



Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed