Data Breach At Exposes Passwords of 6.5 Million Users
Credit Reporting Agency Wants Access To Your Facebook, LinkedIn, And Twitter Information

Mintz Levin: Breach Notification Laws In The United States

The law firm of Mintz Levin has produced a report listing data breach notification laws in the United States as of June 1, 2012. The report includes details by state, and includes the District of Columbia, Puerto Rico, and the U.S. Virgin Islands. Typically, breach notification laws include a:

  • Description of the personal information that must be protected
  • List of the businesses, organizations, and state/local agencies that must comply with the state's breach notification law
  • Process for the timing, content, and distibution of a breach notification
  • Any exceptions to the law (e.g., encrypted files)
  • Other provisions and applicable state laws
  • Penalties for violations
  • Whether breach victims (e.g., state residents) can sue, and if so against whom

Four states do not have any breach notification laws:

  • Alabama
  • Kentucky
  • New Mexico
  • South Dakota

If you live in one of these states, contact your elected officials and demand that your state pass a breach notification law. When companies or government agencies have consumers' sensitive personal information lost or stolen, you need to know to protect yourself.

The report is also available here (Adobe PDF, 469 k bytes).


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.