Are you aware of the state data breach law requirements for all the states your customers reside in? As of April 2018 all 50 states, the District of Columbia, and all US Territories have Data Breach Notification laws. For consumers who live in these states, they are protected by Data Breach laws that provide for various notification processes to both the consumer and in some cases the State Attorney General of a data breach. In addition, some states, such as Delaware*, have incorporated Credit Bureau monitoring services to be provided by the business to its customers that were impacted by the data breach, at the business's expense.
Many states have safe harbor exclusions if you are using encryption properly, and can demonstrate that your data is secure.
Our Cyber Security Risk Assessment services can assist you in reducing the risk of a data breach, and should you still have a breach, our team can guide you in reducing your risk of non-compliance with the state laws that impact your business and your customers.
* - Delaware - House Bill 180 (HB180) was signed into law in August 2017 and will be effective in April 2018.
If you have employees or customers in Maryland, then you need to be in compliance with Maryland's new PIPA that went into effect on January 1, 2018. Click the below button for how this new law impacts small business owners and not-for-profit organizations.
The Delaware House Bill 180 will become law on April 14, 2018. If you have customers or employees in Delaware, click the button below to find out how this impacts small business owners and not-for-profit organizations.