General Liability Insurance
Professional Liability Insurance
Errors and Omissions Insurance
Cyber Liability / Data Breach Insurance
Workers' Compensation Insurance
Business Owner’s Policy
Data Breach Insurance
Certificate of Liability Insurance
Additional Insurance Offerings
4.9 out of 5 Customer Rating
Get in-depth information on essential insurance coverages.
Certificate of Liability insurance
Virginia data breach laws apply to any entity that stores the protected information (PI) of a VA resident. Businesses must notify customers about data breaches and report any breach affecting more than 1,000 Virginia residents to consumer reporting agencies.
Regulatory fines can be issued for up to $150,000 per incident.
Name of Law / Statute
Definition of Protected Information
Combination of (1) name or other identifying info, PLUS (2) one or more of these "data" elements: SSN; driver's license number; or account number, credit card number, debit card number if accompanied by PIN, password, or
Who Is Subject to Law?
Any individual or entity "storing" PI of state residents
Notification of Consumers?
By what means?
Written, phone, or electronic; if >1,000 residents, must notify consumer reporting agencies
Substitute Notice Threshold?
If cost of notice >$50,000 or involves >100k residents
Notification of authorities / regulators required?
Yes if >1,000 affected
Up to $150k/breach
Credit monitoring requirement?
Private lawsuits allowed?
Private damages cap?
Direct economic damages
Regulatory actions allowed?
HIPAA Compliance exemption?
Other (e.g., timeframe)
Law does not apply if PI was encrypted (unless encryption was compromised) or redacted
Link to complete law
Virginia's data breach law
Read the full text of Virginia’s data breach law.