In Depth

CSO Disclosure Series | Data Breach Notification Laws, State By State

Five years after California's landmark SB 1386, our interactive map shows you which 38 states have passed laws requiring companies to notify consumers whose personal information has been compromised. [UPDATED 7/28/2008]

By Scott Berinato

Page 2

The map is meant to cover the highlights of the various state laws and is not meant to be comprehensive. For the most comprehensive information available, you can in most cases click on the thumbnail icon in the highlights box and be taken to a copy of the state law.

This map was created to provide a single source for information on all state laws that is both a good reference and visually intuitive. We started it as an experiment, and we'd love to know what you think of it and how you would improve it. Enjoy!

Executive Editor Scott Berinato can be reached at sberinato@cxo.com.

Sources: Scott and Scott LLP, Perkins Coie, Proskauer Rose LLP, CSO Reporting
Map last updated: 2/12/2008

To learn more:

CSO DISCLOSURE SERIES, 2008

The Dos and Don'ts of Disclosure Letters
One security breach, two letters, 11 lessons in the art of telling customers you screwed up. Two PR pros deconstruct the messages that Monster.com and USAJOBS were really giving to customers whose personal information had been disclosed.

What's Next with Disclosure Legislation?
An interview with lawyer and breach notification expert Tanya Forsheit on why the United States still doesn't have a federal breach notification law.

What California's New Medical Disclosure Law Means for the Rest of Us
New state law AB 1298, aimed at reducing instances of medical identity theft, could prompt similar legislation elsewhere, but experts are still unsure whether out-of-state companies with information about Californians must comply.

User Education: How to Respond to a Data Breach Disclosure
Just find out that your personal information has been compromised? Heres what to do.

Reporter's Notebook: The United States of TMI
Lead paint in toys. Brain-eating amoeba. Identity theft. Drowning in sand. We know more than ever about the risks all around us. Do we know what disclosing them all is doing to us?

Other stories by Scott Berinato

$firstKeyword

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors