Citation[]
Gina Stevens, Data Security Breach Notification Laws (CRS Report R42475) (Apr. 10, 2012) (full-text).
Overview[]
This report provides an overview of state security breach notification laws applicable to entities that collect, maintain, own, possess, or license personal information. The report describes information security and security breach notification requirements in the Office of Management and Budget's “Breach Notification Policy,” the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and the Gramm-Leach-Bliley Act (GLBA).