Monday, October 11, 2010

New Regulations for California Business Owners and Businesses with California Customers- SB 1386

If you’re a Business Owner in California, or if any of your customers are in California, you’ll have to comply with SB 1386 (the California Information Practice Act). This law requires that your company provide notice to customers whenever any technological hack, or other attack has occurred and caused personal information to be exposed and vulnerable to theft. Meant to safeguard against identity theft, this state law also applies to any subcontractors of companies that maintain information about California residents. This particular law is ground-breaking, since although it is on paper just a California law, it has, in reality, become a federal law. California is the largest state, population-wise, in the U.S., and any mid-size company and many smaller ones have at least a few customers in California, regardless of where the company is actually located. If, for example, your company is in Maine, but your mail order division sold some products to someone in California, you must comply. Compliance simply means that if your network is attacked, you must notify your customers. Although this can be done individually, most companies actually make notification on their Web sites, or through issuing a public press release.

If you have any questions about SB 1386 or any other law that may affect your business, please contact The Out-House General Counsel via email at the link provided or at (951) 737-4040 or (415) 633-6702.

No comments:

Post a Comment