Breach Based on Harm Threshold: YES
Deadline for Consumer Notice: Without unreasonably delay
Government Notification Required: NO
Scope of this Summary
Form of Covered Info
Encryption Safe Harbor
Timing: Must be made without unreasonable delay, consistent with any measures to determine the scope of the breach and restore the reasonable integrity of the system.
Content: Notice must include: description of categories of info acquired; telephone number or website address to contact the covered entity (or agent) to learn types of info about individuals maintained by the covered entity and whether the entity maintained info about that individual; and toll-free numbers and addresses for major CRAs and info on how to place a fraud alert or security freeze.
Method: By written notice to postal address in covered entity’s records, telephone notice, or electronic notice if consistent with E-SIGN. Substitute notice is available if certain criteria are satisfied.