Vermont Security Breach Notice Act

Vermont S 284 of 2007 requires any data collector that owns or licenses computerized personally identifiable information that includes personal information concerning a consumer shall notify the consumer that there has been a security breach following discovery or notification to the data collector of the breach. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:

• Vermont Security Breach Notice Act: Account and Password
• Vermont Security Breach Notice Act: Name and CCN
• Vermont Security Breach Notice Act: Name and Password (Wide)
• Vermont Security Breach Notice Act: Name and Password (Default)
• Vermont Security Breach Notice Act: Name and Password (Narrow)
• Vermont Security Breach Notice Act: Name and SSN
• Vermont Security Breach Notice Act: Password Dissemination for HTTP Traffic (Wide)
• Vermont Security Breach Notice Act: Password Dissemination for HTTP Traffic (Default)
• Vermont Security Breach Notice Act: Password Dissemination for HTTP Traffic (Narrow)