States Privacy News

HIPAA Events


Events Webinars Training

California Governor Jerry Brown signed into law an amendment to California’s breach notice law (S.B. No. 24).

Highlights of the ammendment include,

  • Requires businesses to send an electronic copy of a breach notification to the California Attorney General, if more than 500 Californians are affected by a single breach.
  • Establishes standard content requirements for data breach notifications to California residents; and
  • Clarifies that a covered entity under HIPAA that complies with breach notice requirements will be deemed to have complied with the new content requirements for breach notifications.

California’s data breach notification law, first enacted in 2003, has been amended on prior occasions, including a 2007 amendment that added health information to the type of data that may trigger a notification obligation.

Effective date: January 1, 2012