A proposed bill requires cities to notify residents if the last four digits of their social security number (SSN) are compromised during a data breach.

As data breaches become more frequent, legislators are considering imposing broader notice requirements on cities and other entities that collect and store residents’ personal information. Currently, cities are required to notify residents if their full social security number, among other identifying information, is compromised during a data breach. SB 6187, sponsored by Sen. Zeiger (R–Puyallup), expands that to require notification if the last four digits of a resident’s SSN are part of the data breach. Organizations often use the last four digits of a SSN to verify a customer’s identity.

The impact on cities is unclear. Data breaches typically allow hackers to access to a broad range of information, including the last four digits of SSNs, that already requires notifying affected individuals. If you have concerns about potential impacts this new requirement would have on your city, please contact Jacob or Candice.

Dates to remember

SB 6187 is scheduled for public hearing in the Senate Committee on State Government, Tribal Relations, and Elections at 1:30 pm on January 24.