Breach Based on Harm Threshold: YES
Deadline for Consumer Notice: No later than 90 days
Government Notification Required: YES
Scope of this Summary
Form of Covered Info
Encryption Safe Harbor
Timing: Must be made without unreasonable delay, subject to completion of an investigation to determine the nature and scope of the incident, to identify those affected, or to restore the reasonable integrity of the system.
Content: If Social Security Numbers are breached or reasonably believed to have been breached, must offer appropriate identity theft prevention and, if applicable, mitigation services at no cost to the resident for not less than 24 months, as well as information on how the resident can place a credit freeze.
Method: By written notice, telephone notice, or electronic notice if it is consistent with E-SIGN. Substitute notice is available if certain criteria are satisfied.