Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About

Trending Topics

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni

    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor & Employment
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations

    Industries

    View All

    • Cannabis
    • Consumer
    • Energy
    • Entertainment
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Non Profit
    • Real Estate
    • Technology

    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    1. Home
    2. Insights
    3. Articles
    4. Proposed North Carolina legislation intends to expand regulation of data breaches and strengthen consumer data protectionArticles

    Article

    Proposed North Carolina legislation intends to expand regulation of data breaches and strengthen consumer data protection

    Jan 29, 2019

    Share

    By Valerie Montague

    North Carolina Attorney General also releases report of 2018 data breaches.

    On January 17, 2019, North Carolina Attorney General Josh Stein and North Carolina Representative Jason Saine announced proposed legislation intended to strengthen the state’s data protection laws.

    The existing North Carolina Identity Theft Protection Act (ITPA) is similar to data breach laws in other states, and requires businesses to protect the sensitive information (e.g., social security numbers) of state residents. Businesses must implement policies governing the secure destruction of personal information and train employees accordingly. In the event of a data breach, the ITPA requires notification to impacted individuals without unreasonable delay.

    In 2018, Attorney General Stein and Representative Saine introduced legislation to strengthen the ITPA, expanding the definition of a data breach to include a ransomware attack and requiring incident notification within fifteen (15) days. This legislation was not enacted. The 2019 version reflects certain modifications to last year’s proposal. In particular, the new proposed legislation gives entities up to thirty (30) days to report a data breach to those impacted North Carolina residents and the North Carolina Attorney General.

    According to a fact sheet, the proposed legislation goes beyond most breach reporting laws by requiring entities that determine an incident did not result in harm to document that determination for review by the North Carolina Attorney General. If enacted, this will bring greater scrutiny to data hacks, ransomware events and other incidents that may not necessarily result in reportable breaches under the federal HIPAA regulations or other state or federal laws.

    Attorney General Stein also released a report summarizing the 1,057 data breaches reported to his office last year. According to the report, these breaches impacted more than 1.9 million North Carolina residents, which is a 63% decrease from 2017 when breaches impacted approximately 5.3 million residents. As to the causes of these breaches, the report indicates that phishing schemes comprised 26% of the breaches, with hacking breaches decreasing slightly as compared to 2017.

    PrivacyConsumer PrivacyData Breach

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • © 2023 Nixon Peabody. All rights reserved
    • Privacy Policy
    • Terms of Use
    • Statement of Client Rights
    • Supplier Diversity Program
    • Nixon Peabody International LLC
    • PAL