With different and sometimes conflicting state data breach notification statutes, it was nearly inevitable that 2016 would see changes to the notification rules. Below is a quick summary of some of the bigger changes those who deal with Personally Identifiable Information:
On March 2, 2016, the Consumer Finance Protection Bureau (“CFPB”) fined Dwolla, Inc. $100,000 for falsely representing to customers the quality of its data security practices. This is the CFPB’s first action on data security.