A bill to amend 2005 PA 244, entitled “Deferred presentment service transactions act,” by amending section 22 (MCL 487.2142).
Senate Bills 360-64 would require private and State entities that had access to State residents' personal information to maintain security procedures for the protection of that information. These procedures would include the assignment of a security coordinator and the implementation of appropriate safeguards to protect the information, among other things. An entity that reasonably conformed to an industry recognized cybersecurity framework would meet the bill's requirements if specific circumstances applied. In the case of a security breach, the bill would require an entity to notify affected residents and provide specific information concerning consumer protections and actions taken to rectify the breach. If a breach affected more than 100 residents, the entity would have to notify the Attorney General. The bill would prescribe civil fines for failing to comply with the its requirements.
Co-sponsored by Sens.
Referred to the Committee on Finance, Insurance, and Consumer Protection
Reported without amendment
Referred to the Committee of the Whole
Reported without amendment
Passed in the Senate 19 to 15 (details)
Referred to the Committee on Government Operations
