By
Joe Keenan
Facebook
Facebook
Twitter
Twitter
LinkedIn
LinkedIn
Email
Email
0 Comments
Comments
Where it becomes tricky is that there's no uniformity across the state laws, Einstein noted. For example, in Massachusetts retailers can not describe the nature of a breach when notifying the state's attorney general and affected customers, yet in Maryland the law says that retailers must describe the nature of the breach when notifying the state's attorney general and affected customers. To help with the confusion, Einstein suggested that retailers have a templated letter ready to go for each state (with inserts for common info). State laws also differ in many cases around notification requirements - timing, method (email, mail), what constitutes "personally identifiable information," etc.
0 Comments
View Comments
E
Joe Keenan
Author's page
Joe Keenan is the executive editor of Total Retail. Joe has more than 10 years experience covering the retail industry, and enjoys profiling innovative companies and people in the space.
Related Content
Comments