2021 Senate Bill 672

Limit data breach liability where good safeguards in place

Introduced in the Senate

Oct. 5, 2021

Introduced by Sen. Wayne Schmidt (R-37)

To limit the data-breach liability of individuals, institutions and organizations that maintain or access personal information about others if they “established, maintained, and reasonably complied with a written cybersecurity program that contains administrative, technical, and physical safeguards” as described in the bill. The bill would establish as the “strong policy of this state” to “incentivize conformance to a recognized cybersecurity standard or framework”.

Referred to the Committee on Energy and Technology

March 2, 2022

Reported without amendment

With the recommendation that the substitute (S-1) be adopted and that the bill then pass.

March 9, 2022

Passed in the Senate 20 to 17 (details)

Received in the House

March 9, 2022

Referred to the Committee on Financial Services