Providence, RI | February 13, 2025 –Rhode Island lawmakers propose a bold new bill requiring immediate reporting of all data breaches—no more waiting, no more cover-ups.
A new bill in the Rhode Island House of Representatives could bring sweeping changes to data breach laws, forcing immediate reporting of all security incidents, regardless of size. This comes two months after a catastrophic breach in the state’s public benefits system exposed the private data of 650,000 Rhode Islanders.
Rep. Robert Phillips (D-Woonsocket) introduced House Bill H5301, which aims to strengthen the Identity Theft Protection Act of 2015. Currently, organizations only have to report breaches affecting 500+ people. The proposed bill removes that threshold, meaning every breach—no matter how small—must be reported to both the Attorney General and the Department of Business Regulation (DBR).
We need to act now. Data breaches are out of control, and people deserve to know immediately when their information is at risk.
The bill also expands who is responsible, making third-party vendors—like Deloitte, the system vendor in the massive RIBridges breach—liable for reporting security incidents.
While cybersecurity advocates support the bill, business groups worry about the burden on companies. A representative from the Northern Rhode Island Chamber of Commerce said:
This could lead to over-reporting, creating unnecessary panic.
State officials also warn that ambiguities in the bill’s wording could slow down the reporting process.
As data breach laws evolve, ensure your personal information stays private with ExpressVPN.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
