Over the past year-and-a-half there has been a rapidly growing number of states enacting and considering various forms of data security and breach notification laws. This appears to be in response to the ever growing number of disclosures by businesses and governmental agencies regarding the loss and theft of personal data by way of computer database hackers and thefts of computers containing personal data, to name a few. There seems to be particular concern over the length of time between the loss or theft of the personal data and the notification to those whose data has been compromised. Consequently, specific notification requirements are a recurring theme in the state statutes dealing with data security. As of June 27, 2006, thirty-one states had enacted security breach laws in one form or another.
展开▼
