1Were you successful in finding your state’s data and security breach notification law? Specify the name of the law. If you were unable to download your state’s law, use the state of Virginia to complete the question.
2. What is the purpose of state governments imposing a breach notification law on organizations to protect their citizens?
3. Explain how state government data security breach notification laws relate to individual privacy.
4. Assess the scope and depth of privacy protection rights that a citizen has by being a resident of a state. Write down the name of your state, and then identify the following for your state’s breach notification law:
the data is encrypted or not encrypted?
a breach has occurred? If yes, specify the time. If no, describe how your state handles this.
5. True or false: If you are a citizen in one state but the company that had a data and security breach with your privacy data resides in another, the company must adhere to the data and security breach notification law of your home state.
6. Because most states have data and security breach notification laws related to their citizens’ privacy, what is the number one reason for having these laws from a citizen protection perspective?
7. Some states define a data and security breach as the loss and exposure of citizen privacy data in an unencrypted manner. If a state encountered a data and security breach, but no citizen’s privacy data was compromised given that it was encrypted in a steady-state within a database, does the company or organization have to abide by the data and security breach notification law?
8. True or false: Unauthorized access to a system must occur for the data and security breach notification law to take precedence.