Breach Based on Harm Threshold: YES
Deadline for Consumer Notice: As soon as possible
Government Notification Required: YES
Scope of this Summary
Form of Covered Info
Encryption Safe Harbor
Timing: Must be made as soon as possible following determination that covered information has been or is reasonably likely to be misused or following conclusion that such determination cannot be made.
Content: Notice must include a description of the incident in general terms, the approximate date of the breach, the type of covered info that was obtained as a result of the breach, and a telephone number for the covered entity.
Method: By written notice, electronic notice (if the primary means of communication with affected individuals), or by telephone notice (if a log of the notification is kept). Substitute notice is available if certain criteria are satisfied.
If notice to consumers is required, must also notify the Attorney General's office of the breach. Such notice must contain the anticipated date of notice to consumers and the approximate number of New Hampshire residents who will be notified.
Entities engaged in trade or commerce subject to the jurisdiction of the bank commissioner, director of securities regulation, insurance commissioner, public utilities commission, the financial institutions and insurance regulators of other states, or federal banking or securities regulators must notify the primary regulator of such trade or commerce about the breach instead of the Attorney General. Different regulators may have different notification requirements and deadlines.