Extract from Stephanie Martinez’s article “How Do State Governments Protect Your Personal Information?”
The world of data privacy often focuses on how companies are using consumers’ information and what measures those companies take to protect such information. Each of the fifty states have enacted laws that require entities to notify individuals of security breaches involving personally identifiable information (although those laws vary greatly). Additionally, twenty-five states have laws that address the data security practices of private sector entities. But what happens when a privacy breach originates not from a company, but from a government agency?