Data Breach Notification Mandates Discussions on Hold

May 19, 2019

After hundreds of hours of discussion on how businesses would have to notify individuals that their personal information was compromised as a result of a data breach, a group of key stakeholders has decided to table discussions for the time being.

HB 4187 would require a business to notify an individual of a data breach within 45 days of the breach if it is suspected that their personal identifying information was exposed. What came down to a myriad of different details surrounding this general concept is what seemingly sunk the proposal.

While HB 4187 seems to be set aside for the time being, efforts to protect consumer information are still being worked on. Cybersecurity threats are everywhere and becoming more and more frequent. Fraud costs everyone in the private sector time and resources. Efforts to combat these undue expenses are critically important and the Michigan Chamber will continue to be a leader in ongoing discussions. 

For more information, contact Dan Papineau at