Expect a Boom in State-Level Regulatory Action
In the absence of federal regulatory action for standardized data breach notification requirements, states may experiment with data breach laws in the coming year, from adjusting timing and content of notification, to defining personal data, and requirements to alert media and regulators. Unfortunately, for companies with customers in multiple states, there is no one-size-fits-all approach to notification that meets each standard. Currently, U.S. businesses face a patchwork of data breach laws across 47 states, along with the District of Columbia and Puerto Rico.

Leave a Reply