Missouri has become the 45th state to enact data breach notification legislation. On July 9th, Missouri Governor Jay Nixon signed House Bill 62 into law, which will go into effect on August 28, 2009. Though House Bill 62 deals with a number of different provisions in one law, it contains a section of security breaches.
The new data breach notification law would require that individuals be notified when their personal information were breached. The new law has broadly defined personal information to include not just financial information or Social Security numbers, in combination with names, but also any unique electronic identifier or medical information.
The new law requires that the Missouri Attorney General and national consumer reporting agencies be notified if the breach affects more than 1,000 individuals. Civil penalties for violating the statue may reach up to $150,000 per breach.