R.V. Johnson Insurance Call us at 772.287.3366
Contact Us
Stuart: 772.287.3366
Tequesta: 561.745.8894

Contact Us



CyberspaceIn a harbinger of data-breach-laws to come, the Florida State Legislature just passed a new Florida Information Protection Act, which establishes tough new notification requirements for businesses and governmental entities. With the rapid increase in data breaches and growing awareness of the dangers, this Act may become a model for other states.

Florida’s Act provides new notice requirements and possible civil penalties arising out of a data breach incident when the notice requirements are not followed. It requires covered businesses and governmental entities to take “reasonable measures to protect and secure data in electronic form containing personal information.”

In the Florida Act, “personal information” is defined to include (1) a person’s name in combination with (a) a social security number, driver’s license number, passport number, and/or other similar number on a government ID, (b) a financial account, debit card or credit card number in combination with a related password or access code, (c) medical history information, or (d) a health insurance policy number or identification number; or (2) a user name or email address in combination with a password or security question and answer that would permit access to an online account. Under the Act, a “breach” is considered the “unauthorized access of data in electronic form containing personal information.”

With regard to the new notice requirements, the Act requires businesses and government entities to give notice to consumers “no later than 30 days after the determination of a breach or reason to believe that a breach occurred” unless the breach qualifies for exceptions. Exceptions include circumstances where information was released during an ongoing criminal investigation or the covered entity determines, after consultation with law enforcement, “that the breach has not and will not likely result in identify theft or other financial harm.” This latter exception must be documented in writing and it must be maintained for 5 years.

The Act sets out exactly what must be included in the notice to individuals. And if a breach could affect more than 500 people, the Attorney General’s office must also be notified within 30 days, along with other notice requirements.

Failure to adhere to the Act could be deemed “an unfair and deceptive trade practice” and also subject the covered entity to a civil penalty up to $500,000, with the penalties being imposed based on the number days the party is in violation of the Act. However, the Act does specifically state that it does not create a private right of action.

Forty-seven states have now enacted data breach notification statutes, but Florida is one of just seven states that require notification within a specific period of time – 30 days from determination of the breach. States that do not require a specific time period tend to use broader language merely requiring notice in a reasonable time. Florida is also one of only a handful of states that has expanded the definition of “personal information” to specifically include a user name/email address and password to access an online account.

(Source: jdsupra.com)
Share |

No Comments

Post a Comment
Required (Not Displayed)

All comments are moderated and stripped of HTML.
Submission Validation
Change the CAPTCHA codeSpeak the CAPTCHA code
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive

View Mobile Version
content bottom

Quick Links

Our Carriers Our Company Services Contact Us More Help
Auto Owners Insurance
Safeco Insurance
Blue Cross Blue Shield
Frontline Insurance
Federated National
FCCI Insurance Group
Universal Property & Casualty Insurance Co.
Old Dominion Insurance Company
Tower Hill Insurance
Phildaelphia Insurance Companies
Bankers Insurance Group
Montgomery Insurance
UPC Insurance
Who We Are
File A Claim
Get A Quote
Insurance Types
Send A Message
Frequently Asked Questions
GET SOCIAL WITH US Facebook Twitter LinkedIn YouTube Blog RSS Feed Stuart Office on Google+ Tequesta Office on Google+
R.V. Johnson Insurance
2041 E. Ocean Blvd. Stuart, FL 34996 | Ph: 772-287-3366 Fx: 772-287-4439 TF: 800-273-9800 | Hours: M-F 8am-4.30pm
400 N. Cypress Drive, Ste 24, Tequesta, FL 33469 | Ph: 561-745-8894  Fx: 561-745-8871  TF: 866-556-6766 | Hours: M-F 8.30am-5pm
Powered by
Insurance Website Builder

Join Our Newsletter Refer A Friend Testimonials Get A Quote
Policy Review Form
Get Started with a Policy Review