September 26, 2018

September 25, 2018

Subscribe to Latest Legal News and Analysis

September 24, 2018

Subscribe to Latest Legal News and Analysis

There’s a Form for That? Breach Notices and State Reporting Portals

The recent launch by Massachusetts Attorney General of an online data breach reporting portal is a reminder that many states have such online reporting mechanisms. In Massachusetts, companies that have suffered a data breach and are required to provide notice to the MA AG can either continue to submit a hard copy notice to MA, or can choose to use the portal.

Other states with online data breach submission forms include California, where the online submission is mandatory. Nebraska also has an online reporting process, but like MA, the use of the online submission process is optional. New Jersey also has an online process for reporting a cyber incident, in addition to a different process for reporting a breach. North Carolina also has companies submit breach notification through an online process.

Massachusetts requires companies to notify not just the attorney general, but also the Office of Consumer Affairs and Business Regulation. It, too, has an online reporting portal that can be used. Both portals can be accessed through the Attorney General’s page on Security Breaches.

Putting it Into Practice: The recent launch of the MA online portal is a reminder that of the various states with notification reporting requirements to state authorities, many have their own online process for companies to use.

Copyright © 2018, Sheppard Mullin Richter & Hampton LLP.

TRENDING LEGAL ANALYSIS


About this Author

Amber Thomson, Sheppard Mullin Law Firm, Litigation Attorney
Associate

Amber C. Thomson is an associate in the Business Trial Practice Group in the firm's Washington, D.C. office.

202-747-2658
Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and external practitioners alike.”

She is known as an industry leader in the privacy and data security space and is consistently recognized by Leading Lawyers Network, Chambers and The Legal 500, and leading publications and organizations for her work in this area of law. Liisa was recently recognized as the 2017 Data Protection Lawyer of the Year - USA by Global 100, the 2017 U.S. Data Protection Lawyer of the Year by Finance Monthly, and the “Best in Data Security Law Services” at Corporate LiveWire’s 2017 Global Awards.

312-499-6335