As our readers know, we maintain a summary of the US state data breach notification laws, which we refer to as the “Mintz Matrix.” We update the Mintz Matrix on a quarterly basis, or more frequently if developments dictate.
We’ve updated the Mintz Levin State Data Breach Notification Matrix to reflect recent changes to Kentucky’s law and Iowa’s law. The Mintz Matrix is available here.
Kentucky recently became the 47th state to add a data breach notification law. As we discussed in our post last Friday (here), the law also contains some provisions relating to provision of cloud computing services to K-12 (public and private).
Iowa recently added a requirement that the state’s Attorney General be provided notice in the event of a breach affecting more than 500 Iowa residents.