SB1386
Lessons learned in notification of a large breach
March 25, 2007 Filed in: Data
protection
On March 21, 2007, Jim Davis, UCLA’s AVC-IT and CIO
testified at a hearing chaired by Senator Dianne
Feinstein entitled Identity Theft: Innovative
Solutions for an Evolving Problem. Senator
Feinstein is proposing S.239, similar in
principle to SB1386 enacted in California in
2003 - the first notification law in the
country. Jim’s testimony, Lessons Learned from Notification
of a Large Breach, talked about lessons
learned by UCLA during its 2006 breach of SSN.
Other witnesses spoke to other facets of
notification.