New Florida Law Lets Agencies Keep Some Breach Details Under Wraps

Florida governor Rick Scott signs a bill to keep some critical information about data breaches confidential and out of the public eye.

A new bill recently signed by Florida Governor Rick Scott exempts the state’s agencies from publicly releasing some critical information about security breaches and audits.

The new law allows agencies to withhold the disclosure of critical information from a breach that could lead to further unauthorized access or destruction of the data, according to a report by On The Wire. Florida state agencies still must disclose general information about a case, including the type of data and the number of individuals affected in the breach.

Agencies also still must provide all information about a breach to law enforcement agencies such as the Florida Department of Law Enforcement and the state inspector general.

The law says that “Records held by a state agency which identify detection, investigation, or response practices for suspected or confirmed information technology security incidents, including suspected or confirmed breaches, are confidential and exempt from s. 38 119.07(1) and s. 24(a), Art. I of the State Constitution, if the disclosure of such records would facilitate unauthorized access to or the unauthorized modification, disclosure, or destruction of: a. Data or information, whether physical or virtual; or b. Information technology resources.”

For more information on Florida’s new data disclosure law, read the On The Wire article.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

More Insights