With different and sometimes conflicting state data breach notification statutes, it was nearly inevitable that 2016 would see changes to the notification rules.  Below is a quick summary of some of the bigger changes those who deal with Personally Identifiable Information: 

On March 2, 2016, the Consumer Finance Protection Bureau (“CFPB”) fined Dwolla, Inc. $100,000 for falsely representing to customers the quality of its data security practices.  This is the CFPB’s first action on data security.