With the increasing incidences of consumer data breaches, entreaties for stronger data privacy protections and regulations have grown stronger. As per the US federal government’s reluctance to salvage the situation, many of the 50 US state governments appear to have taken the bull by its horn. These states’ have, through their various legislative arms, pioneered varying levels of revisions and amendments to their data protection laws to meet evolving expectations.
These laws each set out in clear terms the definition of data breaches, the entities mandated to comply with data protection rules, data breach notification mandates, amongst other regulations put in place to reign-in data breaches within the jurisdiction of each state of the Union.
It is important to note that like it is common with laws of various jurisdictions, whether local or international, the definitions of data breaches differ and vary from state-to-state in the United States. Some definitions are restrictive in nature while some others are pretty flexible and generalistic. Different strokes for different folks.
Here’s how 5 states define data breaches to include (illegitimate) access.
In the Grand Canyon State, a data breach is defined as the unauthorized access or acquisition that compromises security or confidentiality of computerized personal information.
Under Section 36a-701b of the Constitution State’s General Statute, a data breach is regarded as unauthorized access or unauthorized acquisition of electronic files, media, databases, or computerized data, containing personal information.
By the provisions of The Aloha State’s laws, a security breach is defined as unauthorized access or acquisition of information when Illegal use of the information either has occurred or is likely to occur.
The Illinoian Personal Information Protection Act defines breach to mean the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the data collector.
For the state of Iowa, breach of security refers to unauthorized access of personal information maintained in paper or any other electronic medium.