Notification of cyber incidents and payment of cyber ransoms

Checkout our iOS App for a better way to browser and research.

RS 2114 - Notification of cyber incidents and payment of cyber ransoms

A. To the extent a provider has actual knowledge of a cyber incident, which impacts a public body, the provider shall notify the Louisiana Fusion Center of the cyber incident within twenty-four hours of discovery of the incident.

B. If a provider has a cyber incident which impacts a public body and the provider or public body makes a payment of cyber ransom or ransomware, to the extent the provider has actual knowledge of the payment, the provider shall report the payment of the cyber ransom or ransomware to the Louisiana Fusion Center within ten calendar days of the payment.

C. A provider who submits a notification pursuant to Subsection A or B of this Section shall include in the notification the name of the impacted body.

D. A public body shall include the requirements of this Section in its contracts with providers. A provider shall be required to comply with the provisions of this Section only to the extent the contract between the public body and the provider explicitly incorporates the provisions of this Chapter.

Acts 2020, No. 117, §2, eff. Feb. 1, 2021.

NOTE: This Section is updated through the 2020 First Extraordinary Session, but is subject to final technical revisions by the Louisiana State Law Institute.


Download our app to see the most-to-date content.