Refreshing Breach Notification - Legislation

About 33 states in 2015 introduced bill updates / addendums for security breach notifications to include reporting to attorney general or similar/central agency for items related to personal information such as biometric, medical and insurance data (and educational institutions to notify parents of breach occurrence).
This leaves only Alabama, New Mexico and South Dakota without breach notification.  Let’s take a peek at some notable states:

• For Illinois, data to include geolocation information and privacy policies to be posted as per HB 3188 (amends pending).  Additionally, pending HB 3652 Personal Information Protection Act to cover private contact information and it’s transfer – although SB 1833 failed due to veto in September
• California AB 259 requires breach notification related to SSN, driver’s license number or California card number to provide identity theft prevention and mitigation services for at least 12 months without fee.  AB739 (currently pending) cites breach notification if reasonably believed data has been acquired unless it was encrypted as per existing law according to AB 964.  And, SB 34 states proper protection / safeguards for the automated license plate recognition operators.  Finally, SB 570 expressing expedient breach notification upon compromised.
• Hawaii SB 1186 prevents notification via email if login credentials were compromised
• New York SB 4887 and Massachusetts SB  124 includes biometric information for security breach law
• Tennessee HB 193 requires comptroller of the treasury notification for unauthorized acquisition of computerized data related to security, confidentiality, or integrity of compute information system
• Virginia HB 2362 requires Chief Information Officer of the Commonwealth to develop protection and notification of confidential data maintained by state agencies for breach events / intrusion / unauthorized use / threats of electronic information
• Nevada SB 72 requires Division of Enterprise Information Technology Services to investigate and resolve breach attempts of information systems related to agency or elected officer

Bills, amendments and regulatory requirements are being updated to keep up with breaches lessons learned, so the latest/approved bills should be confirmed with each state such as NCSL.ORG