Bill closes gap in N.C. data-breach law

July 2006
According to the Charlotte Observer on Friday, July 7, the State of North Carolina is in the process of passing legislation requiring that state and local government agencies must report when they either lose or expose the personal information of North Carolina citizens and residents.

Last year, the North Carolina passed and implemented a data-breach notification law which covered businesses, but failed to include government agencies.

According to the Observer which had joined consumer advocates in pointing out the flaw, they are pleased lawmakers and the Attorney General are moving to close the loophole.

The bill could go to a vote before the full Senate within a few days, then to the House.

The measure also requires the N.C. Secretary of State's office to scrub electronic public files of Social Security numbers by next July.

According to data compiled by the Privacy Rights Clearinghouse, Federal, state and local government agencies represent a significant portion of all database breaches which have come to light since 2005.

While thirty-two states have passed breach-notification laws, only twenty-one of them require government agencies to disclose data-security compromises that possibly could lead to identity theft.

Our question: if it's good for the goose why not the goosekeeper?