Posting in Technology
There are still four states where data breaches don't require consumer disclosure: New Mexico, South Dakota, Kentucky and Alabama.
When it comes to corporate data breaches, there are lots of unknowns but also plenty of givens.
For example, it is pretty much given that some opportunistic hacker or criminal will also be coming up with new ways to steal intellectual property from within corporate computing networks.
The likelihood that this will cost some unfortunate business -- no matter the size -- around $200 per customer record to fix is also extremely high.
But depending on where your company is located, your exposure in the matter of a data breach could cost you more or less -- based on the local laws. There are a lot of unknowns when it comes to liabilities, and how exactly your company can protect itself -- short of denying access to data.
As I reported last week in my feature about cyberinsurance, pretty much every state has a law that dictates what a company must do in the event of a data breach.
Now, data storage technology vendor Imation has come out with an infographic that gives you a "heat map" of which states have the toughest laws.
For example, did you know that California was the first to come up with its legislation, way back in 2003 before the iPhone was introduced (in fact, four years before it was introduced)? Or that the four states holding out on creating laws are New Mexico, South Dakota, Kentucky and Alabama?
Of the states that have passed data breach laws, North Dakota's policy is probably the most lax, while Virginia's law is considered among the toughest, which isn't really surprising given that the state is a hub for federal contracting and consulting.
Here's the visual (you can see more of the detail if you visit the link above directly):
Aug 28, 2012
The states where data privacy laws apply to the government? Unless things have changed in the past few months, the answer is NOWHERE. The people who hold the largest collection of your private data are not subject to the laws designed to protect you. They do not have to notify you if there is a breach, they do not have to compensate you for losses incurred. They will not be held responsible if there is a data theft. In most cases if they are government union members they will not even lose their job over a data breach. Sleep well knowing the government has your back on this issue.