Nebraska
Privacy Laws
Overview
BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay
FINES & PENALTIES – Violations
Award of direct economic damages
Regulation Levels
-
Breach Reporting
-
Consumer Notification
-
Vendor Management
-
Vendor Contract Required
PRIVACY AND SECURITY LAWS
Laws related to personal information and privacy and security.
Breach Reporting
Required
Vendor Obligations
Required
Consumer Notification
Required
Vendor Contracts
Required
Vendor Notification
Required
Privacy Program
Required
QUICK FACTS
Nebraska Privacy Law Information
Any individual or commercial entity that conducts business in Nebraska and maintains personal information about Nebraska residents must implement and maintain reasonable security procedures and practices that are appropriate to the nature and sensitivity of the personal information. They must also require by contract that the service provider implement and maintain reasonable security procedures and practices appropriate to the nature of the personal information. Organizations must contract with Vendors to whom the Organization discloses personal information.
There are specific considerations when determining if a breach is reportable. Notifications may only be given by specific methods.
If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.
Vendors must notify Organizations, without delay after the discovery of a breach or suspected breach. The Organization is responsible for submitting any required regulatory reporting and consumer notifications. Vendors must cooperate with Organizations to provide all necessary information regarding a breach incident.
Violations of the data protection requirements are enforced as unfair or deceptive acts or practices. Organizations may be fined or penalized for Vendor violations. The state attorney general may issue subpoenas and seek and recover direct economic damages for each affected Nebraska resident injured by a violation. The Attorney General may bring an action to recover direct economic damages for each affected Nebraska resident injured by a violation of the requirements for breach notification.
Nebraska Statutes and Laws
Unfair competition; practices; unlawful
Financial data protection and consumer notification of data
Breach of security; investigation; notice to resident
Attorney general; powers; violation
Security procedures and practices; disclosure of computerized data; contract provisions; compliance
DISCLAIMER
The information provided is not legal guidance or recommendations and are for informational purposes only.