Technology Law Dispatch

There are currently only two U.S. states that do not have a state data breach notification law: South Dakota and Alabama. Recently, South Dakota took a big step toward approving a data breach notification law. On January 25, 2018, the state’s Senate Attorney Judiciary Committee advanced the bill after a 7–0 vote, sending it to the South Dakota House of Representatives for consideration.

In addition to the standard data elements that are considered by most states with data breach laws, South Dakota Bill No. 62 follows the pattern of other states that are now looking to broaden the definition of “personally indentifiable information” to include elements such as biometrics.

To continue reading, please visit