Data Breach Laws by State

Whether you operate a one-person freelancing business from the laptop you’ve had for years or you have a nine employees and a bustling retail space, you’re responsible for protecting data you collect from customers. The federal government regulates how businesses have to respond to breaches of medical data (through the HITECH rules in HIPAA), but other types of data breaches are regulated at the state level.

Choose your state to find out what’s required of your business if and when you suffer a data breach.


What Do State Data Breach Laws Require?

The specifics of data breach laws vary from state to state, but most state laws require one or more of the following:

  • Fines for businesses that enable data breaches
  • Notifications of customers affected by the breach
  • Notifications of regulatory boards

The bad news is that data breaches are becoming more common and can be expensive. The good news? Businesses that invest in Cyber Liability Insurance can prevent a data breach from draining their bank accounts. The benefits from a Cyber Liability policy can cover the cost of notifying affected customers, paying fines, and even launching a PR campaign to restore a business’s reputation.

For free quotes on Cyber Liability coverage for your business, fill out this online application. We’ll send you quotes from top carriers directly to your inbox.

Please note: This guide is for informational purposes only. We cannot guarantee that the information in this guide reflects the most recent legislation in any state. To determine whether your state has more recent data breach laws than those included in this guide, visit your state's website.