North Dakota Amends Data Breach Statute | Practical Law

North Dakota Amends Data Breach Statute | Practical Law

North Dakota has amended its data breach statute to broaden its reach and require notification of the North Dakota attorney general under some circumstances.

North Dakota Amends Data Breach Statute

Practical Law Legal Update 1-612-6125 (Approx. 3 pages)

North Dakota Amends Data Breach Statute

by Practical Law Intellectual Property & Technology
Published on 12 May 2015North Dakota
North Dakota has amended its data breach statute to broaden its reach and require notification of the North Dakota attorney general under some circumstances.
On April 13, 2015, the Governor of North Dakota signed S.B. No. 2214 into law amending the state's data breach notification statute. In particular, the amendments:
  • Broaden the statute's application to cover persons other than those doing business in North Dakota.
  • Require breached persons to notify the attorney general without reasonable delay if a breach affects more than 250 individuals.
  • Changes the definition of protected personal information as it relates to employee identification numbers.
The amendments go into effect on August 1, 2015.