With the current announcements of personal information data breaches, it seems to be happening quite frequently. Some of the most-known data breaches of personal information are: Anthem, Ashley Madison, Ebay, JP Morgan Chase, Sony Pictures Entertainment, and Tricare.
The most recent announcement came from Verizon Enterprise Solutions data breach, their massive data breach affected more than 1.5 million customers of their computer security wing. This breach caused a major ripple effect since this particular division of Verizon helps other corporations when they are victims of data breaches.
When a data breach occurs, according to the Security Breach Notification Laws…
“Forty-seven states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have enacted legislation requiring private, governmental or educational entities to notify individuals of security breaches of information involving personally identifiable information. Security breach laws typically have provisions regarding who must comply with the law (e.g., businesses, data/ information brokers, government entities, etc); definitions of “personal information” (e.g., name combined with SSN, drivers license or state ID, account numbers, etc.); what constitutes a breach (e.g., unauthorized acquisition of data); requirements for notice (e.g., timing or method of notice, who must be notified); and exemptions (e.g., for encrypted information).”
For more information, state-specific laws are listed at the bottom of the page.
How do cybercriminals target devices for the data that they store? It’s based on how easy you are to exploit and how clear of a path you have to critical systems and valuable data. Malware was a factor in over 50% of all personal information data breaches. The cybercriminals use it as part of the initial compromise in order to capture the valuable data thus allowing them to “leapfrog” into other systems and extract the info and cover their tracks.
AlertOps has multiple ways to notify you; although we can’t stop a person information data breach from happening we can ensure that you receive the proper notifications to manage the service levels. With AlertOps’ workflows helping to manage escalations, so if and when a data breach occurs, AlertOps can trigger notifications to people and systems simultaneously. AlertOps will send reminders to the incident owners at regular intervals along with sending reminders based off of an SLA deadline. Allowing you to trigger other flows, such as changing the control processes needed to resolve major data breach incidents.
AlertOps’ SLAs are set based on priority and severity levels, which allows you to create over rides when needed. AlertOps’ message rules and workflow engines give you the flexibility to configure and enhance your incident management solution to fit your needs and prevent personal information data breaches.
| State | Citation |
| Alaska | Alaska Stat. § 45.48.010 et seq. |
| Arizona | Ariz. Rev. Stat. § 44-7501 |
| Arkansas | Ark. Code § 4-110-101 et seq. |
| California | Cal. Civ. Code §§ 1798.29, 1798.80 et seq. |
| Colorado | Colo. Rev. Stat. § 6-1-716 |
| Connecticut | Conn. Gen Stat. § 36a-701b, 2015 S.B. 949, Public Act 15-142 |
| Delaware | Del. Code tit. 6, § 12B-101 et seq. |
| Florida | Fla. Stat. §§ 501.171, 282.0041, 282.318(2)(i) |
| Georgia | Ga. Code §§ 10-1-910, -911, -912; § 46-5-214 |
| Hawaii | Haw. Rev. Stat. § 487N-1 et seq. |
| Idaho | Idaho Stat. §§ 28-51-104 to -107 |
| Illinois | 815 ILCS §§ 530/1 to 530/25 |
| Indiana | Ind. Code §§ 4-1-11 et seq., 24-4.9 et seq. |
| Iowa | Iowa Code §§ 715C.1, 715C.2 |
| Kansas | Kan. Stat. § 50-7a01 et seq. |
| Kentucky | KRS § 365.732, KRS §§ 61.931 to 61.934 |
| Louisiana | La. Rev. Stat. §§ 51:3071 et seq., 40:1300.111 to .116 |
| Maine | Me. Rev. Stat. tit. 10 § 1347 et seq. |
| Maryland | Md. Code Com. Law §§ 14-3501 et seq., Md. State Govt. Code §§ 10-1301 to -1308 |
| Massachusetts | Mass. Gen. Laws § 93H-1 et seq. |
| Michigan | Mich. Comp. Laws §§ 445.63, 445.72 |
| Minnesota | Minn. Stat. §§ 325E.61, 325E.64 |
| Mississippi | Miss. Code § 75-24-29 |
| Missouri | Mo. Rev. Stat. § 407.1500 |
| Montana | Mont. Code §§ 2-6-1501 to -1503, 30-14-1701 et seq., 33-19-321 |
| Nebraska | Neb. Rev. Stat. §§ 87-801, -802, -803, -804, -805, -806, -807 |
| Nevada | Nev. Rev. Stat. §§ 603A.010 et seq., 242.183 |
| New Hampshire | N.H. Rev. Stat. §§ 359-C:19, -C:20, -C:21; 189:66 |
| New Jersey | N.J. Stat. § 56:8-161, -163 |
| New York | N.Y. Gen. Bus. Law § 899-aa, N.Y. State Tech. Law 208 |
| North Carolina | N.C. Gen. Stat §§ 75-61, 75-65 |
| North Dakota | N.D. Cent. Code §§ 51-30-01 et seq., 51-59-34(4)(d) |
| Ohio | Ohio Rev. Code §§ 1347.12, 1349.19, 1349.191, 1349.192 |
| Oklahoma | Okla. Stat. §§ 74-3113.1, 24-161 to -166 |
| Oregon | Oregon Rev. Stat. § 646A.600 to .628, 2015 S.B. 601, Chap. 357 |
| Pennsylvania | 73 Pa. Stat. § 2301 et seq. |
| Rhode Island | R.I. Gen. Laws § 11-49.2-1 et seq., 2015 S.B. 134, Public Law 2015-138, 2015 H.B. 5220, Public Law 2015-148 |
| South Carolina | S.C. Code § 39-1-90, 2013 H.B. 3248 |
| Tennessee | Tenn. Code § 47-18-2107; § 8-4-119 (2015 S.B. 416, Chap. 42) |
| Texas | Tex. Bus. & Com. Code §§ 521.002, 521.053; Tex. Ed. Code § 37.007(b)(5); Tex. Pen. Code § 33.02 |
| Utah | Utah Code §§ 13-44-101 et seq.; § 53A-13-301(6) |
| Vermont | Vt. Stat. tit. 9 § 2430, 2435 |
| Virginia | Va. Code § 18.2-186.6, § 32.1-127.1:05, § 22.1-20.2 |
| Washington | Wash. Rev. Code § 19.255.010, 42.56.590, 2015 H.B. 1078, Chapter 65 |
| West Virginia | W.V. Code §§ 46A-2A-101 et seq. |
| Wisconsin | Wis. Stat. § 134.98 |
| Wyoming | Wyo. Stat. § 40-12-501 et seq. |
| District of Columbia | D.C. Code § 28- 3851 et seq. |
| Guam | 9 GCA § 48-10 et seq. |
| Puerto Rico | 10 Laws of Puerto Rico § 4051 et seq. |
| Virgin Islands | V.I. Code tit. 14, § 2208 |
