Quick Facts
Breach Based on Harm Threshold: NO
Deadline for Consumer Notice: Without unreasonable delay, but no later than 60 days
Government Notification Required: Yes, if 250+ residents are affected
More Details
Scope of this Summary
Covered Info
First name or first initial and last name, plus: Social Security number; driver's license or government-issued identification number; account, credit or debit card number in combination with any required security or access code, or password that would permit access to an individual's financial account, OR information that identifies an individual and relates to: their physical or mental health or condition; the provision of healthcare to them; or payment for the provision of healthcare to them.
Form of Covered Info
Encryption Safe Harbor
Breach Defined
Consumer Notice
Timing: Must be made as quickly as possible, except as necessary to determine the scope of the breach and restore the reasonable integrity of the system.
Method: By written notice or electronic notice if consistent with E-SIGN. Substitute notice is available if certain criteria are satisfied.
Delayed Notice
Government Notice
Consumer Reporting Agency Notice
Third-Party Notice
Potential Penalties
This summary is for informational purposes only. It provides general information and not legal advice or opinions regarding specific facts. Additional requirements or conditions may apply to any or all provisions referenced herein. For more information about the state data breach notification laws or other data security matters, please seek the advice of counsel.
Last revised on January 2, 2020