Skip to main content

Data Breach Notification Laws

Data Breach Notification Laws

(updated January 2018)

Data breaches are seemingly always in the news and many companies are taking steps to prevent them. But in the event a breach should occur, do you know the notification laws of your state? What’s more, did you know that if your business clients are in a different state, the notification laws of that state will apply?

One breach can bring into play multiple states’ notification laws. 48 out of 50 states, as well as the District of Columbia and Puerto Rico, have their own notification laws which outline what constitutes a breach, how and when a notification must be furnished, and any additional requirements, such as credit monitoring.

Breach Chart

This Security Breach Notification Chart from Perkins Coie can help navigate these murky waters. Keep in mind that state laws can change at any time, so it’s important to keep an eye out for new legislation enacted in areas where you do business.

Cyber Insurance

Data breaches are expensive. According to the Ponemon Institute’s 2017 Global Cost of a Data Breach Study, the average cost is $141 per record. Though this amount represents a $17 decrease from 2016, the overall cost can be staggering when one considers the many thousands of records that can be lost in one breach.

Cyber Insurance can help mitigate this cost, but only if you’re properly insured. Questions about your coverage? Reach out to Hilb Group (formerly New Agency Partners) today to learn more about how you can protect your business from losses relating to a Cyber attack or other data breach.


All insurance policies are different. Be sure to review your insurance policy for specific information about coverages available to you. Nothing in this post is meant to suggest a guarantee of coverage.