Oklahoma
Privacy Laws
Overview
BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay
FINES & PENALTIES – Violations
Up to $150,000 per violation
Regulation Levels
-
Breach Reporting
-
Consumer Notification
-
Vendor Management
-
Vendor Contract Required
PRIVACY AND SECURITY LAWS
Laws related to personal information and privacy and security.
Breach Reporting
Required
Vendor Obligations
Required
Consumer Notification
Required
Vendor Contracts
Not Required
Vendor Notification
Required
Privacy Program
Not Required
QUICK FACTS
Oklahoma Privacy Law Information
There are specific considerations when determining if a breach is reportable. Notifications may only be given by specific methods.
If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.
Vendors must notify Organizations upon discovery of a breach or suspected breach. The Organization is responsible for submitting any required regulatory reporting and consumer notifications.
Violations of the Security Breach Notification Act may be enforced by the Attorney General or a district attorney in the same manner as an unlawful practice under the Oklahoma Consumer Protection Act and may obtain either actual damages for a violation a civil penalty up to $150,000 per breach or series of breaches. Organizations may be fined or penalized for Vendor violations.
Oklahoma Statutes and Laws
Short title
Definitions
Duty to disclose breach
Duty to disclose breach
Notice procedures deemed in compliance
Enforcement – Civil penalty limitation
Application of act
Student data accessibility, transparency and accountability act of 2013
DISCLAIMER
The information provided is not legal guidance or recommendations and are for informational purposes only.