The Connecticut State Teachers Retirement Board notified teachers last week that it's missing a USB flash drive containing personal data.  Fortunately, proper security procedures appear to have been in place and the data on the device was encrypted.

"We have numerous controls in place so that financial transactions are properly authorized and executed and have enhanced our internal procedures over the physical control of flash drives," according to the letter, which was signed by Darlene Perez, administrator of the retirement board.

In Connecticut, data breach notifications are required under General Statute 36a-701(b).  This law only applies to data that "has not been secured by encryption or by any other method or technology that renders the personal information unreadable or unusable".

Does your state have a data breach notification law?

Written by Kanguru — October 31, 2012

Today's Schedule

The Very Latest From Kanguru

Stay informed about the most up-to-date Kanguru products, services, special events and insights on IT technology from leaders in the secure data storage and duplication industry.

visit Kanguru News visit GuruBlog