A computer-implemented system for data breach compliance comprises memory for storing computer executable program code; and a processor. The code comprises code for receiving electronic breach information (“EBI”), the EBI relating to a data breach, the EBI comprising data type information, geographic information, and data format information; code for analyzing the geographic information to choose an applicable set of regulatory rules; code for applying the rules to determine if a harm analysis is required; if the harm analysis is required, code for performing the harm analysis; code for analyzing the breach information and the volume of harm to determine if the volume of harm exceeds a harm threshold; and code for analyzing the breach information, the rules and the volume of harm to determine whether a consumer must be notified about the data breach.
展开▼