Mandatory Timeframe for Breach Reporting and/or Consumer Notification

As Soon as Possible
Laws related specifically to personal information
  • Breach Reporting & Consumer Notification
  • Protect personal information
  • Program for Protection/Security
  • Third Party: Specific Obligations
  • Third Party: Mandated Contracts
  • Employee Training
  • Data Disposal/Destruction
  • Risk Assessment
  • Requests for Information
Fines & Penalties

Violations of Breach and Notification Laws Attorney General may bring action

Regulation Levels
  • Breach Reporting
  • Consumer Notifications
  • Third Party Management
  • Data Protection
  • None to minimal
  • Basic Requirements
  • Comprehensive Requirements
  • Extensive Requirements
Quick Facts
  • Violation of notification provisions of the Alabama Data Breach Notification Act shall be liable for a civil penalty of up to $5,000 per day for each consecutive day that the covered entity fails to take reasonable action.
  • Upon discovery of a breach, the business should conduct an investigation to determine specific details about the breach including, cause, possible harm/risk and possible mitigation methods.
  • Both applicable businesses and its vendors are required to implement and maintain security measures to protect the sensitive personally identifiable information in their possession, to prevent a breach.
  • Credit reporting agencies must be notified if more than 1,000 individuals must be provided notice of the incident.
  • There are specific details that must be included in your consumer notifications.
  • There are specific details that must be included in your breach reports.
  • Vendors that experience a breach must notify the data owner as expeditiously as possible and no later than 10 days upon determining a breach has occurred.
Statutes and Laws
  • Wyo. Stat. § 40-12-501 Definitions
  • Wyo. Stat. § 40-12-502 Computer security breach; notice to affected persons
  • Wyo. Stat. §§ 40-12-101 et seq. Wyoming Consumer Protection Act
BAck to map