States Privacy News

HIPAA Events


Events Webinars Training

Vermont amended its breach notice requirements. It added the obligation to notify the Vermont attorney general as well as adding a 45-day deadline to notify affected consumers.

The amended language also redefines a “security breach” as the “unauthorized acquisition of electronic data or a reasonable belief of an unauthorized acquisition of electronic data that compromises the security, confidentiality, or integrity” of the data.