Mutual Matters

State Data Breach Notification Laws: Overview of the Patchwork

Posted by Carrie Lowe, JD on May 18, 2018 3:10:14 PM

By Joseph J. Lazzarotti, Jason C. Gavejian and Maya Atrakchi

The nation’s patchwork of state data breach notification laws is now complete. All 50 states, as well as the District of Columbia, Puerto Rico, Guam, and the Virgin Islands, have enacted breach notification laws requiring private organizations or government entities to notify individuals of a security breach involving their personally identifiable information. R_cyber6

The last two states, Alabama and South Dakota, enacted breach notification statutes in March. The Alabama Data Breach Notification Act of 2018 goes into effect on May 1, 2018. The South Dakota law will take effect on July 1, 2018.

Additionally, many other states, in response to trends, heightened public awareness, and a string of large-scale data breaches, have continued amending their existing laws. This means data breach notification laws change frequently and keeping up with them can be a challenge.

Requirements Vary

The first state data breach notification law was enacted in 2002 in California. It soon became the model for other states’ breach notification laws. In addition, the U.S. Department of Health and Human Services Office of Civil Rights (OCR) adopted a similar structure for covered entities and business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Find out more about the specific provisions that will affect your state by clicking below. 

Find out more

Topics: HIPAA and Cybersecurity

Subscribe to Email Updates

What other resources would you like us to provide?

Sharing Insight on Mutual Matters

As one of the leading mutual providers of Medical Professional Liability insurance, we're here to help all healthcare professionals with the challenges they face on a daily basis. The topics we cover include: 

  • MACRA
  • Healthcare legislation updates
  • HIPAA
  • Patient safety guidance
  • Practice and hospital management advice
  • and more. 

Recent Posts