Security and breach notification with passage of new law… On June 20, 2014, the “Florida Information Protection Act of 2014” (FIPA) was signed into law by Florida Governor Rick Scott, after it received unanimous support by the legislature. FIPA will take effect on July 1, 2014 and will replace Florida’s existing data breach notification law. FIPA dramatically increases the breadth of Florida’s data breach notification law.

• Shorter timeline to notify

• Expanded definition of “Personal Information”

• FIPA applies to “covered entities” – healthcare or not

• Mandatory notice to Florida Attorney General and production of proactive measures

• Proactive measures are now required

• Federal regulatory exemption

• Third-party vendor notification

• Unfair and deceptive trade practices Statute may be used