BUSINESSCOMPUTINGEDUCATIONELECTRONICSENGINEERINGENVIRONMENTGAMINGHEALTHINTERNETMOBILEMONEYMULTIMEDIAPARENTINGSCIENCEHUBFOLIO
Linux Mac Windows Hardware Computer Security Enterprise

State Data Breach Laws: What You Need to Know

Article by Gregoriancant (521 pts ) , published Oct 27, 2009
Leave a comment

When California passed the first state data breach law back in 2003, it set a precedent that most other states followed. Here's what you need to know and the legal variances in whether data breach laws really protect you...

Having our private data breached is obviously one of the worst nightmares to deal with in the cyber world, and the U.S. federal government has and still is lax on the issue. Ultimately, California became the first state in the nation to have any foresight in helping inform people when data breaches happen to them. When California passed the first state data breach law in 2003 for companies to inform consumers about their personal information being compromised, 45 states eventually followed suit to date of this article. And, along the way, a basic blueprint was put forth in how a data breach should be handled with a consumer.

Here’s what you need to know as most of America implements the crux of California’s law:

States with a data breach law must notify you in writing

· This generality of legalese might fool those who feel comfortable living in a state with a data breach law. Almost all states with this law give the above heading of saying they’ll notify you in writing if your personal data has been compromised at a company you’re involved with for business or as an employee.

· What they don’t always tell you is that California and many other states hold the right to only notify you within a supposed reasonable period of time. That doesn’t always translate to notifying you immediately, which might disturb consumers who expect quick action when their personal information managed to get into the hands of someone unknown.

· Why the above happens is because California made sure they’d be free from legal action taken against them if they fail to comply within a timely manner. Yes, this means that they really don’t have to notify you at all about a data breach. The meaning of the law existing seems to give a stamp of approval on corporate ethics to let you know of a data breach by sheer goodwill rather than fear of legal repercussions.

Keep in mind, however, state attorneys general can prosecute companies if the companies have the hubris to ignore the most serious federal statutes.

How soon is soon in notifying someone with a data breach?

Images

California set a precedent for data breach laws...
Showing page 1 of 2
1
2next
Related Links
Top Related Articles
Find More Results
Search
Featured Articles
Most Popular
Must Read
Subscribe to Computer Security
RSS
Get free weekly updates, directly to your inbox.
Subscribe
Topics
Browse Computer Security
Bright Hub - Science & Technology Articles, Buyer's Guides, How-To Tips and Software Reviews
Become Bright Hub Writer