Free subscription to the Capitol Journal keeps you current on legislative and regulatory news.
States Passing Laws to Aid Small Pharmacies States including Colorado ( HB 1094 ), Georgia ( HB 196 ), Indiana ( SB 140 ), Iowa ( SB 383 ) and Montana (HB 740) have passed laws this year setting minimum...
Child labor may evoke Dickensian images of young children in dirty, oversized clothes laboring in dusty, dangerous workshops. But this year legislators in Florida considered a bill ( SB 918 ) that would...
MN Enacts Nation’s First Social Media Warning Label Requirement Minnesota enacted a first-in-the-nation provision ( HB 2 a / SB 6 a ) requiring social media platforms to display mental health warning...
CA to Investigate State Farm over LA Wildfire Claims California Insurance Commissioner Ricardo Lara (D) announced a “market conduct examination” of State Farm over consumer complaints about...
OR Enacts Nation’s Strongest Corporate Health Care Law Oregon Gov. Tina Kotek (D) signed a bill ( SB 951 ) imposing the toughest regulations on private and corporate control of medical practices...
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional.
With high-profile cyberattacks like the one on Colonial Pipeline last May that caused fuel shortages in Eastern states and the targeting of public infrastructure in every state by hackers over the past couple of years, cybersecurity received considerable attention from state lawmakers last session. At least 45 state legislatures considered over 250 measures dealing significantly with the issue, according to the National Conference of State Legislatures.
One major focus of that legislation was strengthening cybersecurity governance. For instance, Minnesota established a Legislative Commission on Cybersecurity, which will review the cybersecurity practices of state agencies and make recommendations on policy changes.
States also considered legislation requiring adherence with established security standards. Those measures include several sponsored by California Assemblywoman Jacqui Irwin (D), mandating the adoption of security policies, standards and procedures recommended by the National Institute of Standards and Technology.
With research showing the vast majority of data breaches result from employee errors like responding to phishing emails, some states, including Texas and Virginia, also required regular training for state agency employees.
The reporting of cybersecurity incidents was another area of concentration for lawmakers last year, with those in Georgia, Indiana, North Dakota, Washington and West Virginia all having enacted legislation requiring state or local agencies to report such incidents to a central office.
Finally, a law passed in Texas created a dedicated fund for improving and modernizing state agency information technology, including legacy systems. That enactment reflects the fact that only half of states have dedicated cybersecurity budgets, and most of them make up less than 3 percent of overall state IT expenditures, compared to 10 percent in the private sector, according to the National Association of State CIOs. (NATIONAL CONFERENCE OF STATE LEGISLATURES)
A bill introduced in Maine’s House in January (HB 1450) would require companies to obtain consent before collecting biometric data like facial features, fingerprints and voices, as well as prohibit companies from selling such data and provide a private right of action for violations. The measure has won the support of the Joint Committee on the Judiciary and is expected to receive a vote from the full Legislature. (ASSOCIATED PRESS, STATE NET)
The U.S House and Senate passed legislation that would require any organization considered part of the country’s critical infrastructure, including entities in the energy, finance and transportation sectors, to report any “substantial cyber incident” to the federal government within 72 hours and any ransomware payment within 24 hours. The aim of the measure is to give federal authorities more visibility into cyberattacks targeting private entities, which often avoid notifying the FBI or other agencies. President Biden was expected to sign the measure. (INSURANCE JOURNAL)
The National Highway Traffic Safety Administration has issued a final rule updating the current Federal Motor Vehicle Safety Standards to address vehicles with automated driving systems that don’t have the manual controls used by human drivers like steering wheels. The 155-page rule clarifies the requirements for manufacturers of such vehicles. (INSURANCE JOURNAL, NATIONAL HIGHWAY TRAFFIC SAFETY ADMINISTRATION)
This winter, after Wyoming joined the roughly 30 states that allow people to collect animals accidentally killed on the road for food, the state’s Department of Transportation rolled out a new app that allows people to claim roadkill after properly documenting and reviewing the rules for collecting it. In addition to helping state wildlife and transportation officials decide where wildlife crossing signs or other measures are needed, the app is also aimed at informing drivers of the rules regarding roadkill, such as that it can’t be collected after dark, on interstate highways, in construction zones or at national parks like Yellowstone. (ASSOCIATED PRESS)
-- Compiled by KOREY CLARK