NJ Amendment to Data Breach Notification Law, Moves to Governor
Thursday, March 7, 2019
breach notification new jersey
Print Mail Download i

In light of several large-scale breaches of late, the New Jersey General Assembly is taking steps to enhance the state’s data breach notification requirements. In late February, Assembly Bill 3245 (AB 3245), introduced by Assembly Members Ralph Caputo and Carol Murphy, was unanimously approved by both the Assembly and the Senate, and is now headed to Governor Phil Murphy for signing. In short, if signed, AB 3245, would require businesses to notify consumers of online account security breaches.

New Jersey’s data breach notification law requires businesses to notify consumers of a breach of their personal information. Currently the law defines personal information as an individual’s first name or first initial and last name linked with any one or more of the following data elements:

  • Social Security number;
  • driver’s license number or State identification card number;
  • account number or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account.

AB 3245 would add to the above list of data elements:

  • user name, email address, or any other account holder identifying information, in combination with any password or security question and answer that would permit access to an online account. 

This amendment would keep New Jersey in line with other states that have similarly enhanced their data breach notification laws to address online breaches, including Alabama, Arizona, California, Florida, Illinois, Nebraska, Nevada, South Dakota and Wyoming.

“Protecting the security of online accounts is important for consumers, as a breach of security of these accounts can lead to the compromise of personal information and expose consumers to identity theft,” said Caputo (D-Essex). “If an individual’s personal information has become unwillingly available to someone else, they have the right to know as quickly as possible.”

New Jersey is on the forefront of consumer privacy and security law with other related bills recently introduced including AB 4902which creates new obligations for commercial entities whose online website or services are accessed by individuals, and AB 7974 that regulates the use of a customer’s GPS data.  Be on the look out for our full update on some of New Jersey’s other initiatives, coming later this week.

Jackson Lewis P.C. © 2024

Current Public Notices

Current Legal Analysis

More from Jackson Lewis P.C.

U.S. Supreme Court Raises Standard for Labor Board When Seeking 10(j) Injunctions
by: Jonathan J. Spitz , Richard F. Vitarelli
Use of Plan Forfeitures Not the Slam Dunk It Used to Be
by: Kellie M. Thomas
Puerto Rico Increases Hourly Minimum Wage to $10.50 Beginning July 1, 2024
by: Sara E. Colón-Acevedo , Juan Felipe Santos
Tips for Recruiting Top Talent in Manufacturing Industry
by: Emily S. Borna , Andrew D. Kinghorn
Rebrand for Homeland Security Investigations
by: Forrest G. Read IV
Legal Challenges Mount to DOL Rule Raising Salary Threshold for Exempt Employees
by: Jeffrey W. Brecher , Justin R. Barnes
Top Five Labor Law Developments for May 2024
by: Jonathan J. Spitz , Richard F. Vitarelli
AG Paxton’s DEI Investigation and 10 DEI Steps to Take
by: Samia M. Kirmani , Michael D. Thomas
New York Expands Rationale For State Income Tax “Convenience Rule”
by: Raymond P. Turner
BREAKING NEWS: OFCCP Releases New Audit Scheduling List (CSAL)
by: Laura A. Mitchell , Lisa B. Marsh

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins