NEW CONNECTICUT DATA BREACH STATUTE REQUIRES NOTIFICATION TO THE ATTORNEY GENERAL

Earlier this month Connecticut amended its data breach notification statutes. As of October 1, 2012,  the state Attorney General must be provided notification when a data breach notification is being provided to a Connecticut resident.

The statute is not as onerous as the recently passed Vermont notification statute that requires state Attorney General notification within 14 days of a data breach.  However, Connecticut is joining a growing number of states that require official state notification of a data breach. 

Businesses and their representatives must keep up to date on the ever changing data breach statutes.  A proper response to a data breach will require notification to an ever expanding list of States.