ST. PAUL, MN – The Minnesota House of Representative public information services released a summary of some new laws that will take effect Aug. 1.
One of these new laws addresses date privacy.
Data breach prompts new protections, penalties Several recent high-profile data breaches by public employees, including one by a former Department of Natural Resources employee who inappropriately accessed thousands of driver’s license files, spurred a new law that lays out penalties and preventive measures for these actions. Sponsored by Rep. Mary Liz Holberg (R-Lakeville) and Sen. D. Scott Dibble (DFL-Mpls), the law will:
• require procedures for ensuring that private data is accessible only to those whose work assignment calls for that access;
• expand current law to require all government entities, not just state agencies, to notify individuals if a breach of their data has occurred; and
• establish penalties for employees responsible for the breach. Once it has been determined that a breach has occurred, a report will be required that, at a minimum, must include:
• a description of the type of data accessed or acquired;
• the number of individuals whose data was improperly accessed or acquired;
• the name of each employee determined to be responsible for the unauthorized access or acquisition; and
• disciplinary action, if any, taken against each employee involved. Those whose information has been compromised will receive written notification from the government entity of the breach, and the opportunity to request of copy of the completed report. HF183*/SF211/CH284