With the explosive growth of online commerce, there are more points at which unsavory characters may infiltrate a company's confidential information database concerning employees and consumers. Some data breaches have garnered national attention (insert example, think Target, or the Ashely Madison hack that exposed reality TV stars); others merely show up in an envelope with a special label. Regardless of how data was breached, each state sets parameters for how any company that experiences a data breach must notify affected consumers. This chart details who the state laws apply to, what constitutes personal information, required notification to consumers in event of a breach and other information.

Note: The information collected and given below reflects our most current knowledge as of November 15. If you have questions or need clarification, please contact the Consumer Protection Bureau of the particular state.

This premium content is locked for FC&S Coverage Interpretation Subscribers

Enjoy unlimited access to the trusted solution for successful interpretation and analyses of complex insurance policies.

  • Quality content from industry experts with over 60 years insurance experience, combined
  • Customizable alerts of changes in relevant policies and trends
  • Search and navigate Q&As to find answers to your specific questions
  • Filter by article, discussion, analysis and more to find the exact information you’re looking for
  • Continually updated to bring you the latest reports, trending topics, and coverage analysis