Skip to main content

Get your updated Mintz Matrix!

As our readers know, we maintain a summary of the US state data breach notification laws, which we refer to as the “Mintz Matrix.”   We update the Mintz Matrix on a quarterly basis, or more frequently if developments dictate.

We’ve updated the Mintz Levin State Data Breach Notification Matrix to reflect recent changes to Kentucky's law and Iowa's law.   The Mintz Matrix is available here.

Kentucky recently became the 47th state to add a data breach notification law.   As we discussed in our post last Friday (here), the law also contains some provisions relating to provision of cloud computing services to K-12 (public and private).

Iowa recently added a requirement that the state's Attorney General be provided notice in the event of a breach affecting more than 500 Iowa residents.

 

Now, for today’s disclaimer: This chart is for informational purposes only and does not constitute legal advice or opinions regarding any specific facts relating to specific data breach incidents. You should seek the advice of experienced legal counsel (e.g., the Mintz Levin privacy team) when reviewing options and obligations in responding to a particular data security breach.

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.