Proposed House Bill 2581 would require a person that possesses or has access to account information to report breach of security to the financial institution that issued financial access device. Person includes: an individual, a private or public corporation, partnership, cooperative, association, estate, limited liability company, organization or other entity.
The Bill proposes to:
- Require a person to safeguard account information in accordance with standards that Department of Consumer and Business Services adopts by rule.
- Subject a person to liability to financial institution for costs financial institution incurs as consequence of breach of security if person’s failure to comply with standards for safeguarding account information amounts to gross negligence.
If passed, the Bill becomes operative January 1, 2018.