Washington state have followed both Nevada and Minnesota to be the third state to incorporate the Payment Card Industry Data Security Standard (PCI DSS) into state law. The state house and senate passed HB 1149 to ammend the states existing data breach laws.

The act provides a legal mechanism for issuing banks to recover loses due to fraud as a result of a data breach. It seems that this mechanism is designed to encourage issuers to re-issue new credit cards to consumers who affected or potentially affected by a data breach to protect consumers from fraud.

The full text of the act can be found here.

An interesting analysis piece on the bill can be founfd here.