|An Act to Require Notice of a Breach of Security (HB 583)
NOTE: This law did not become effective until July 1, 2011
|CITATION||2010 H.B. 583|
The law is applicable to any person who conducts business in Mississippi and requires the disclosure of any breach of security to all affected individuals. The disclosure shall be made without unreasonable delay, subject to the limited exceptions.
Notification is not be required if, after an appropriate investigation, the person reasonably determines that the breach will not likely result in harm to the affected individuals.
Covers “Personal Information” which is defined as an individual’s first name or first initial and last name in combination with any one or more of the following data elements:
|INDUSTRY||Any person who conducts business in this state and maintains computerized data, which includes personal information that the person does not own or license.|
Failure to comply with the law’s requirements is an unfair practice and is enforced by the Attorney General. The Attorney General may seek an injunction. The law does not, however, create a private right of action where an individual can sue for his or her own damages.
Mississippi also provides criminal sanctions for violations: a defendant can be guilty of a misdemeanor and a fine up to one thousand dollars ($1,000) if the conduct is determined to be intentional. More severe penalties are provided for subsequent violations.