US state data privacy laws

More than 35 states have passed laws that protect consumer privacy similar to CA 1386. State data privacy laws require organizations to safeguard the data collected from consumers who reside in those states, and in circumstances where privacy data has potentially been exposed, the organization must notify consumers who are affected.
Download US State Data Privacy datasheet

Key facts and data privacy requirements you should know

• Any organization that compiles, trades, and stores consumer data is subject to the regulations of the specific states in which it operates or has customers
• Compliance requires organizations to: Perform a risk assessment and evaluate current safeguards, design and implement data privacy policies, continuously monitor and improve data privacy safeguards
• Some states mandate that organizations proactively protect their customer data
• Some states require customer notification even when a detected breach merely creates a "reasonable likelihood" of harm
• Generally organizations must safeguard resident's Social Security Number, Driver's License number or state identification card, and credit card number, or debit card number, whether discrete or in combination with any associated security code or password.

^ back to top

Proven data loss prevention for State Data Privacy Laws

Financial services company protects privacy for 300 million consumers and demonstrates compliance with State Data Privacy Laws

A FORTUNE 1000 provider of consumer and commercial credit information, embarked on a multi-component plan to improve security and help the company demonstrate compliance with state data privacy regulations. The company selected Vontu Network Monitor for its network coverage, accuracy, and scale-capabilities that no other Data Loss Prevention solution could deliver. Today, the company monitors SMTP and FTP network protocols for unauthorized transmission of private customer data, uses out-of-the-box reports to review incidents on a daily basis, and can identify the biggest potential security risks in its existing infrastructure. With Vontu solutions, the company can better protect the private financial data of its 300 million consumers to comply with privacy laws in over 30 states in which it operates.

^ back to top

How Vontu solutions demonstrate compliance with State Data Privacy Laws

Vontu solutions provide comprehensive data loss prevention based on the most stringent state laws. Advantages include:

• Pre-defined State Data Privacy Policy Template with TrueMatch™ detection for the highest accuracy in the industry for social security numbers, drivers license numbers, and other protected data types
• Discover and protect exposed private consumer data exposed on file servers, databases, Microsoft® SharePoint®, Lotus Notes®, Documentum®, LiveLink®, web servers, Microsoft® Exchange, and other data repositories
• Monitor and prevent private consumer data loss on the network including email, IM, Web, Secure Web (HTTP over SSL), FTP, P2P, and generic TCP
• Discover private consumer data stored on the endpoint such as desktops and laptops, and prevent this data from being inappropriately used, sent out, or copied to storage devices such as USB drives, CD/DVDs, or iPods
• Auto-response and manager notifications help organizations change employee behavior and pinpoint compliance gaps in existing business processes
• Role-Based Access Control enables business units and departments to review and remediate only those incidents relevant to their role and privileges
• Comprehensive audit support through pre-built compliance reports and role-based dashboards.

Download the Eight Steps to Data Security Compliance whitepaper

^ back to top

Related Resources