Actions

New Arizona bill holds businesses accountable during data breaches

Posted
and last updated

From the most recent strike in Goodyear with online bill pay to larger scale hits, like Equifax, all of these data breaches have turned many of us into data breach victims. 

But, our state is getting a new line of defense with new bill that was signed into law. 

HB 2154 was sponsored by Representative T.J. Shope and authored by Arizona Attorney General Mark Brnovich

This bill means that businesses will now have to work harder for the consumers to keep their information safe or they may have to pay a hefty fine for it. 

The maximum civil penalty has been raised from $10,000 per breach to $500,000 per breach. 

There is also now a deadline for businesses to have to notify consumers that their information has been compromised. 

Before this law, there was no definitive timeline. That meant businesses could wait months, possibly even years, before letting customers know.

"That was very disturbing because if there is a data breach, we want to know about it as soon as possible so that we can take steps to protect our information and protect our identities," said Attorney General Mark Brnovich. 

Now, companies have 45 days after they have learned a breach has occurred to notify the parties involved. 

The new law officially starts in August. But, itSynergy CEO & President Michael Cocanower said he does not believe this has hit the radar of businesses just yet.

He is hosting a free webinar on Thursday at 11:30 a.m. to help start the conversation and start educating businesses about the new law. 

"Hopefully as laws like this continue to be passed throughout the United States, it will make people more aware," Cocanower explained. "And if they say, 'Gee, if I have this exposure that I might have to trigger this notification, maybe I'm going to put a little bit more effort into preventing it in the first place.'" 

The webinar is free and businesses that want to participate can register here.