On August 9, the Illinois governor signed SB 1624, which requires that a single data breach involving the personal information of more than 500 Illinois residents must be reported to the state attorney general. The notice must include: (i) a description of the nature of the breach of security or unauthorized acquisition or use; (ii) the number of Illinois residents affected by such incident at the time of notification; and (iii) any steps the data collector has taken or plans to take relating to the incident. Notification is required to be made “in the most expedient time possible and without unreasonable delay,” but no later than when the data collector informs consumers of the breach under current law. The bill is effective January 1, 2020.
Register now for your free, tailored, daily legal newsfeed service.
Questions? Please contact email@example.comRegister
Illinois requires companies to report data breaches to attorney general
Popular articles from this firm
If you would like to learn how Lexology can drive your content marketing strategy forward, please email firstname.lastname@example.org.
Related topic hubs
Bed Bath & Beyond Inc
"I am a regular reader of Lexology, as are a few of my colleagues. I find the email newsfeed useful and of good quality, and in some cases directly on point with issues of concern to the company. It is important to stay current with legal developments, and the articles are a great aid toward this goal. The ability to access the articles without cost is critical and I hope Lexology continues with the good work."