Okla. Data Breach Bill Nears Final Passage
The Oklahoma House voted overwhelmingly 85-2 to pass a data breach notification bill Wednesday. The Senate previously approved the measure but must vote again to concur with House changes.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
SB-626 requires that businesses notify the attorney general not more than 60 days after informing affected customers about a breach, if the breach affected at least 500 residents. Existing law requires that customers are notified not more than 30 days after a breach. The bill would include penalties for businesses that fail to notify the AG.
“A breach of a security system maintained by a credit union where fewer than 1000 residents are affected is also exempt from the notice requirement,” said a summary of the House-amended bill. The House removed a previously proposed AG rulemaking on the security breach notification process.