Health IT Security – Illinois Governor Vetoes Data Breach Notification Bill
Carl Szabo, policy counsel for NetChoice, explained in an opinion piece for the Journal Gazette & Times-Courier that the bill treats a health data breach the same way as a breach that shows when pizza was last ordered.
“The bill levies excessive and burdensome requirements on Illinois small businesses, uniquely forcing them to spend thousands of unnecessary dollars on legal fees to write privacy policies that are customized for Illinois just for the privilege of doing business over the Internet,” Szabo wrote. “Perplexingly, the law would treat an order collected through a website differently from an order taken in person or over the phone and then stored in the same database.”
Szabo added that such policies will not make consumers safer. Instead, data breaches need to be proactively prevented and small business should not be penalized in the process.
“Governor Rauner now has an opportunity before him to correct the overreaching aspects of this bill by keeping its focus upon actual threats to the consumer public rather than concocting nationally unprecedented barriers,” he explained. “He has a chance to provide clarity and focus so that law enforcement has the ability to protect victims and find and apprehend criminals.”