Indiana AG Proposes Data Security Legislation

The proposed legislation would require more of businesses, including:

• More stringent requirements for storing & retaining sensitive data
• Reduce harm to consumers with better notifications
• Increase transparency of online privacy policies

What does this mean for business:

• Require data to be securely stored
  • Delete personal or financial data
  • Retain only what is necessary for business purposes and processes
• Limit sharing or selling of data only when authorized by law or when consumers are informed in advance
• Inform consumers by clear and conspicuous notice when personal data must be collected and how long it will be stored
•  Data Breach Notification Changes with quicker notifications to consumers, with more information, applied to more data breaches.   AD LAW ACCESS  National Law Review Indiana Attorney General Proposal