An Act Concerning Breaches Of Security Involving Electronic Personal Information.

1. **ONE-SENTENCE SUMMARY:** This bill requires businesses to report certain information to the Attorney General after a significant data breach and mandates a third-party forensic examination for massive breaches. 2. **KEY REQUIREMENTS:** - Report specific materials to the Attorney General after a breach, following their prescribed format. - Conduct a third-party forensic examination and analysis if a "massive breach of security" occurs. - Submit a forensic report to the Attorney General after a massive breach. 3. **DEADLINES:** - The bill is effective immediately upon passage, so businesses should prepare to comply right away. 4. **PENALTIES:** - Failing to submit the required third-party forensic report can result in additional penalties, though specific fines are not detailed in the bill. 5. **SMB IMPACT:** Small businesses must be vigilant about data security and have a plan in place for reporting breaches, as the costs and complexities of forensic examinations could be significant. Compliance is essential to avoid penalties and protect customer trust.