Breach Based on Harm Threshold: YES
Deadline for Consumer Notice: Within reasonable time not greater than 45 days
Government Notification Required: NO
Scope of this Summary
Form of Covered Info
Encryption Safe Harbor
Timing: Must make reasonable efforts to notify affected residents within a reasonable time not to exceed 45 days after discovery of the breach, subject to law enforcement delay.
Content: Notice must indicate that covered entity knows of the unauthorized acquisition of covered info pertaining to the resident. Upon written request from a notified individual, the covered entity must identify the covered info that was acquired.
Method: By mail or by a method the entity has previously used to communicate with the affected person. If address is not known and covered entity has not previously communicated with the affected person, covered entity must provide notice by a method reasonably calculated to actually notify the affected person.