Illinois Attorney General proposes changes to “beef up” data breach law

As reported by NBC Chicago, Illinois Attorney General Lisa Madigan is pushing a new bill in response to a record 67 million personal records that were breached last year in the state. Here are a few highlights from the piece about the proposal:

Madigan’s bill, which is sponsored by Senator Daniel Biss and Representative Ann Williams, will expand the type of information that requires a company to notify consumers of a breach, including medical information outside of federal privacy laws, biometric data, geolocation information, sensitive consumer marketing data, contact information when combined with identifying information, and login credentials for online accounts.

The bill also requires entities holding sensitive information to take “reasonable” steps to protect the information and requires entities to notify the Attorney General’s office when breaches occur. Madigan said her office would create a website that lists every data breach that affects Illinois to increase awareness among residents.

Data Privacy and Cyber Security, Other Jurisdictions