Where are U.S. data breach laws toughest? Check this map

There are still four states where data breaches don't require consumer disclosure: New Mexico, South Dakota, Kentucky and Alabama.
Written by Heather Clancy, Contributor

When it comes to corporate data breaches, there are lots of unknowns but also plenty of givens.

For example, it is pretty much given that some opportunistic hacker or criminal will also be coming up with new ways to steal intellectual property from within corporate computing networks.

The likelihood that this will cost some unfortunate business -- no matter the size -- around $200 per customer record to fix is also extremely high.

But depending on where your company is located, your exposure in the matter of a data breach could cost you more or less -- based on the local laws. There are a lot of unknowns when it comes to liabilities, and how exactly your company can protect itself -- short of denying access to data.

As I reported last week in my feature about cyberinsurance, pretty much every state has a law that dictates what a company must do in the event of a data breach.

Now, data storage technology vendor Imation has come out with an infographic that gives you a "heat map" of which states have the toughest laws.

For example, did you know that California was the first to come up with its legislation, way back in 2003 before the iPhone was introduced (in fact, four years before it was introduced)? Or that the four states holding out on creating laws are New Mexico, South Dakota, Kentucky and Alabama?

Of the states that have passed data breach laws, North Dakota's policy is probably the most lax, while Virginia's law is considered among the toughest, which isn't really surprising given that the state is a hub for federal contracting and consulting.

Here's the visual (you can see more of the detail if you visit the link above directly):

This post was originally published on Smartplanet.com

Editorial standards