July 2, 2022

Volume XII, Number 183

Advertisement
Advertisement

July 01, 2022

Subscribe to Latest Legal News and Analysis

June 30, 2022

Subscribe to Latest Legal News and Analysis

June 29, 2022

Subscribe to Latest Legal News and Analysis

Arizona Expands Regulator Data Breach Notification Obligations

Arizona recently amended its breach notice law to change the regulator notification requirements. Starting this summer, depending on the scope of the incident, the Arizona Department of Homeland Security will need to be notified. Specifically, as amended, if more than 1,000 Arizona individuals are notified of a breach, then notification must be made to the three largest consumer reporting agencies, the Arizona attorney general and the Arizona Department of Homeland Security. Previously, only the consumer reporting agencies and Arizona AG needed to be notified if that threshold was met. This notification should be made within 45 days after the determination that there has been a breach. Arizona joins New York as being one of the few states that require notification to multiple state regulatory agencies.

Putting it into practice: Beginning July 22, 2022, companies who suffer a breach impacting more than 1,000 Arizona residents will need to notify the Arizona Department of Homeland Security (in addition to other agencies). This amendment joins the minor change in Indiana that we wrote about previously, which will also go into effect in July.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XII, Number 101
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...

312-499-6335

Julia Kadish is an attorney in the Intellectual Property Practice Group in the firm's Chicago office.

Areas of Practice

Julia's practice focuses on data breach response and preparedness, reviewing clients' products and services for privacy implications, drafting online terms and conditions and privacy policies, and advising clients on cross-border data transfers and compliance with US and international privacy regulations and standards. She also workes on drafting and negotiating software licenses, data security exhibits, big data licenses, professional...

312.499.6334
Advertisement
Advertisement
Advertisement