SixFifty has created state-specific tools to automatically generate a privacy notice and policy. Read on to learn more about Michigan’s privacy protections, and how our tools make it easy and cost-effective to stay compliant.
Who is affected by Michigan data privacy laws?
Michigan currently does not have a general privacy law. However, the state does have its own data protection and breach requirements, under the Identity Theft Protection Act. This law applies to any individual, partnership, corporation, LLC, association, or other legal entity. It also applies to departments, boards, offices, commissions, agencies, authorities, or other “unit of state government of Michigan” that owns or licenses data. This includes personal identifying information of any Michigan resident.
What’s the difference between privacy policies and privacy notices?
Michigan privacy laws
Under the Identity Theft Protection Act, if a data breach occurs, Michigan residents must be notified whenever:
- Their personal data is accessed or acquired by an unauthorized entity; or
- If an unauthorized person obtains access to the encryption key of encrypted data.
This does not include unauthorized access to data by employees or other individuals, if the following conditions are satisfied:
- The person acted in good faith in accessing the data;
- Their access was related to business or individual activities; and
- The individual did not misuse the personal data or disclose any information to an unauthorized person.
“Personal information” is defined as “the first name or first initial and last name,” linked to one or more of the following:
- Social Security number;
- Driver’s license or state ID number;
- Financial account numbers, credit or debit card numbers, along with the required security codes or passwords that would allow access to the resident’s financial accounts.
The Identity Theft Protection Act includes criminal penalties for sending fraudulent notices of security breaches. This includes fines and imprisonment. For genuine personal information breaches, the Attorney General may decide to initiate enforcement actions.
Our software pairs technology with legal expertise to quickly and easily deliver compliant Michigan privacy policies and notices. Just answer a series of questions, download the generated documents and have your lawyer review. It’s the simplest way to stay compliant and avoid penalties—and save money at the same time.